DomainKeys Offers Phishing Solution - How They Fool You
(Page 2 of 4 )
Type 1: The Direct Approach
In this tactic the phisherman sends you an email, pretending to be a representative of a company that you do business with. Maybe they pose as your bank, or an eBay official or the site administrator over at PayPal. They tell you there is a problem with your account and they need your password to fix it; could you please send it to them via this email address within 72 hours of the receipt of this communication?
This is the older of the two methods. This is also why, on many sites and legitimate communications, you see the line "We will never ask you for your user name or password" or a similar notice.
Type 2: The Independent Approach
This tactic is similar to the first one in that the sender of the email claims to be some sort of an official who needs your help to clear up a problem with your account. The email does not ask you to give your password away, but merely to follow the link below to the main page of the site and log in to either correct the problem or verify information.
Of course this link does not lead to the real PayPal or eBay site, but to a cloned impostor that saves your log on data for the phisherman's later use. These are slightly harder to detect because they truly look like official communications you may sometimes receive.
No matter which type of attack is used, the end result when you fall prey to one is the same. The information that you provided to what you believed to be a safe source can lead to your accounts being bled dry, high online shopping spree bills or your identity stolen for months or years of use before you discover a problem. None of these are a great situation to be in.
More Web Hosting Articles Articles
More By Katie Gatto