03 April 2011

Phishing - Definition and Prevention

What is Phishing? The word is pronounced exactly like "fishing", and that is the idea: the attacker casts bait and waits for someone to bite.
Phishing is the act of stealing usernames, passwords and other personal information by tricking the victim, using social engineering, forged web pages and a range of other techniques.

One of these tricks, tampering with links, catches users who never look at the address bar of their browser while browsing. So, the first prevention rule is: "Look at your address bar whenever you browse a page."

Looking to your address bar whenever you browse a page

For instance, if you are going to http://www.facebook.com/, make sure that the browser address bar shows exactly the domain you expect, which is www.facebook.com, and not http://www.facebook.net/, http://www.facebok.com/ or something like http://www.facebook.com.example.net/ (there the real domain is example.net; "facebook.com" is only a sub-domain the attacker registered under it). Read the domain from the end, not from the start.

The easy way to prevent mistyping:
Bookmark the page by pressing Ctrl+D.
Whenever you want to access the page, open it from the bookmark list instead of typing the address, so a typo cannot land you on a look-alike site.
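To make the address-bar check concrete, here is a small Python script (added to this post as an example; it is not code from the original) that decides whether a URL really belongs to the site you expect. It applies the rule to the look-alike domains above and to two further tricks that are easy to miss: a sub-domain that merely contains "facebook.com", and a URL where "www.facebook.com" appears before an "@" and is therefore only a username. The sample URLs are constructed for illustration.

```python
# Added example, not from the original post: decide whether a URL in the
# address bar really belongs to the site you expect.  The sample URLs at the
# bottom are constructed for illustration.
from urllib.parse import urlsplit

def registrable_domain(hostname):
    """'login.facebook.com' -> 'facebook.com'.  Simplification: takes the last
    two labels, so two-part suffixes such as .co.uk are not handled."""
    labels = hostname.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])

def check_url(url, expected_domain="facebook.com"):
    """Return (ok, reason).  ok is True only when the host is under
    expected_domain; reason explains what the address bar is really saying."""
    parts = urlsplit(url)
    host = parts.hostname          # already stripped of user:pass@ and :port
    if host is None:
        return False, "no hostname in URL"
    if parts.username is not None:
        # http://www.facebook.com@example.net/  -- everything before the '@'
        # is a username; the browser connects to the host after it.
        return False, "text before '@' is a username, real host is " + host
    if registrable_domain(host) != expected_domain:
        return False, "host %s is not under %s" % (host, expected_domain)
    if parts.scheme != "https":
        return True, "domain matches, but the connection is not https"
    return True, "ok"

if __name__ == "__main__":
    # Constructed sample of what an address bar (or a link) might show.
    samples = [
        "https://www.facebook.com/",
        "http://www.facebook.com/",
        "http://www.facebook.net/",
        "http://www.facebok.com/",
        "http://www.facebook.com.example.net/login",   # real domain: example.net
        "http://www.facebook.com@example.net/",        # real host: example.net
    ]
    for url in samples:
        ok, reason = check_url(url)
        print("%-45s %s  %s" % (url, "OK " if ok else "BAD", reason))
```

The script only looks at the last two labels of the hostname, which is enough for facebook.com but would treat something.co.uk as "co.uk"; a real browser uses the public suffix list for this.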

Now, having the first prevention method, you might ask: Is that all?

No way!

Let's see the hacker's second method:

DNS Redirection and Link Faking

DNS redirection, done by editing the Windows HOSTS file, is quite dangerous too. Even if you have bookmarked the page it will not help: the bookmark only stores the name www.facebook.com, and the HOSTS file decides which IP address that name resolves to, so a single malicious line sends you to a server of the attacker's choosing.

For example, you have bookmarked http://www.facebook.com/. Before asking a DNS server, Windows looks the name up in the HOSTS file. Let's assume the content looks like this:

74.125.224.50 www.facebook.com

74.125.224.50 is one of Google's addresses, so when you open your Facebook bookmark the browser connects to Google's server instead, while the address bar still shows www.facebook.com. Swap that address for a server hosting a copy of the Facebook login page and the address-bar check from the first section no longer protects you.

See? Hackers are creative.

Cleaning the content of Windows HOSTS File

The Windows HOSTS file is located at C:\Windows\system32\drivers\etc\hosts
It is a plain text file, so first open it in Notepad and look at it: apart from comment lines starting with # and the localhost entries, it should be empty. Any line that maps a well-known site to an IP address does not belong there. To reset its content, follow these steps:

  1. Open cmd as Administrator (right-click Command Prompt, "Run as administrator"; without this, writing to the file is denied)
  2. Type in "echo 127.0.0.1 localhost>C:\Windows\system32\drivers\etc\hosts" (without quotes)
  3. Press Enter
  4. Type in "ipconfig /flushdns" and press Enter, so that answers already cached from the bad entries are discarded
Now you can browse your pages again. Flushing the resolver cache makes a restart unnecessary, but do close and reopen your browser, because browsers keep their own cache of resolved names.
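Rather than wiping the file blind, it is worth knowing what a tampered entry looks like. The following Python script (an added example, not from the original post) parses HOSTS file content and reports names that are sent somewhere they should not go. SAMPLE_HOSTS is constructed for the example; on a real machine read C:\Windows\system32\drivers\etc\hosts and pass its text to audit_hosts(). The list of watched sites is an assumption; extend it with the sites you care about.

```python
# Added example, not from the original post: audit the content of a Windows
# HOSTS file and report entries that send well-known sites somewhere else.
# SAMPLE_HOSTS is constructed for the example; on a real machine read
# C:\Windows\system32\drivers\etc\hosts and pass its text to audit_hosts().
import ipaddress

# Sites that an honest HOSTS file has no reason to mention (assumed list).
WATCHED_DOMAINS = {"facebook.com", "google.com", "paypal.com", "live.com"}
LOCAL_NAMES = {"localhost", "localhost.localdomain", "broadcasthost"}

def parse_hosts(text):
    """Yield (line_no, address, [names]) for each entry, skipping comments."""
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()       # drop trailing comments
        fields = line.split()
        if len(fields) < 2:
            continue            # blank, or malformed (the word "clean" alone)
        yield n, fields[0], [f.lower() for f in fields[1:]]

def audit_hosts(text):
    """Return a list of (line_no, finding) for suspicious entries."""
    findings = []
    for n, ip, names in parse_hosts(text):
        try:
            addr = ipaddress.ip_address(ip)
        except ValueError:
            findings.append((n, "invalid address %r" % ip))
            continue
        for name in names:
            if name in LOCAL_NAMES:
                continue
            # last two labels only; .co.uk-style suffixes are not handled
            domain = ".".join(name.split(".")[-2:])
            if domain in WATCHED_DOMAINS:
                if addr.is_loopback or addr.is_unspecified:
                    # 127.0.0.1 facebook.com: the site is blocked, not stolen
                    findings.append((n, "%s blocked (points to %s)" % (name, ip)))
                else:
                    findings.append((n, "%s hijacked: resolves to %s" % (name, ip)))
            elif addr.is_global:
                # Any other name sent to a public address deserves a look
                findings.append((n, "%s mapped to public address %s" % (name, ip)))
    return findings

SAMPLE_HOSTS = """\
# constructed sample of a tampered HOSTS file
127.0.0.1     localhost
::1           localhost
74.125.224.50 www.facebook.com facebook.com   # injected by malware
127.0.0.1     www.ads.example                 # blocked on purpose
192.168.1.10  fileserver                      # harmless intranet entry
"""

if __name__ == "__main__":
    for line_no, finding in audit_hosts(SAMPLE_HOSTS):
        print("line %d: %s" % (line_no, finding))
```

Note the distinction the script makes: a watched site pointed at 127.0.0.1 is blocked (ad blockers and parental filters do this on purpose), while one pointed at any other address is hijacked. Running it on the output of the "echo clean" approach shows why that is sloppy: the lone word "clean" is not a valid entry and is simply ignored, so it neither helps nor hurts; "127.0.0.1 localhost" is the content the file is meant to have.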

Link Faking
Link Faking is a simple yet effective way to trap users.
Here is an example: a link whose visible text reads http://www.google.com/ but whose actual target (the href behind it) is Facebook.

Clicking that link, you expect the browser to navigate to Google. However, it will bring you to Facebook. Now imagine the target was a copy of the site you expected to see: you would type your login details into the attacker's page and end up having your personal information stolen.
My advice would be: "Always be aware of your browser address bar." Hover over a link before clicking it; the browser shows the real target in the status bar, and that is the address that matters, not the text of the link.
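Mail clients and web pages can be checked for this trick automatically. The Python script below (an added example, not from the original post) extracts every link from an HTML fragment and flags the ones whose visible text looks like a web address but names a different site than the href actually goes to. The HTML sample is constructed for the example and includes the Google/Facebook link described above.

```python
# Added example, not from the original post: find "faked" links whose visible
# text names one site while the href points to another.  SAMPLE_HTML is
# constructed for the example.
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Visible text that looks like a URL or a bare hostname (www.google.com)
HOSTLIKE = re.compile(r"(?:https?://)?(?:[a-z0-9-]+\.)+[a-z]{2,}(?:/\S*)?$", re.I)

def host_of(url):
    """Hostname of a URL or of a bare hostname string; None if there is none."""
    if "://" not in url:
        url = "http://" + url
    return urlsplit(url).hostname

def site_of(hostname):
    """Last two labels: 'www.google.com' -> 'google.com' (no .co.uk handling)."""
    return ".".join(hostname.lower().split(".")[-2:])

class LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a href=...> in the document."""
    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def deceptive_links(html):
    """Return (visible text, href, real host) for each link whose text looks
    like an address but belongs to a different site than the href."""
    parser = LinkCollector()
    parser.feed(html)
    found = []
    for href, text in parser.links:
        if not HOSTLIKE.match(text):
            continue                 # "Click here": nothing to compare against
        shown, real = host_of(text), host_of(href)
        if shown and real and site_of(shown) != site_of(real):
            found.append((text, href, real))
    return found

SAMPLE_HTML = """
<p>Your account needs attention. Sign in at
<a href="http://login.example.net/fb/">http://www.facebook.com/</a>
or search on <a href="http://www.facebook.com/">http://www.google.com/</a>.
Questions? <a href="http://www.google.com/">Click here</a> or visit
<a href="https://www.google.com/search">www.google.com</a>.</p>
"""

if __name__ == "__main__":
    for text, href, real in deceptive_links(SAMPLE_HTML):
        print("link says %-28s but goes to %s (%s)" % (text, real, href))
```

The "Click here" link is skipped on purpose: text that is not an address makes no promise about where it leads, so there is nothing to compare. Only links that display an address and then break that promise are reported.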


DNS Spoofing
Another method, which is the last I will tell you about, is "DNS Spoofing". On a local network (an office or a café LAN) this can be done with programs like Cain and Abel, which intercept your computer's DNS queries and answer them with an address the attacker chose.

The effect is the same as the HOSTS file trick, only nothing on your own computer has been changed: you end up on a forged website, already prepared by the attacker, while the address bar shows the correct name. A normal user has no way to notice.
Updating your antivirus program is still worthwhile, since it catches the malware that edits the HOSTS file, but it cannot see a forged DNS reply coming from the network. The check that does work here is HTTPS: use the https:// address for any page where you log in, and never click past a certificate warning. An attacker who spoofs DNS can send you to his server, but he cannot present a valid certificate for the real domain name, so the browser will warn you.

There are more ways that I haven't mentioned; attackers are always one step ahead, so be careful and keep up with the latest information available.

Thanks for reading.

Cyber Frost
