Scams such as “the grandchild trick” already existed at the end of the 1990s.
ICQ users were asked by email to enter their login details. The hackers were then able to use the chat access under a false identity. The first attacks on online banking began with official-looking letters sent by email. Once data such as username, password, PIN and TAN had been handed over, money transfers could be made quickly.
Phishing is an English made-up word (a neologism based on “fishing”), a combination of “password harvesting” and “fishing”: figuratively, fishing for passwords with bait. The spelling with Ph- also comes from hacking jargon (cf. phreaking).
Attempts are made to obtain the personal data of a “user” via fake e-mails, websites and even short messages in order to steal the identity.
The aim of the fraud is usually to plunder the account and thus harm the “user”. Since the victim’s naivety is exploited, this method is a form of social engineering.
Data collection methods
A phishing attack begins with an email written in a personal tone. The goal is for the recipient to visit a fraudulent website and enter their personal information. Clumsy wording, as well as orthographic or syntactical errors, are usually noticeable and recognizable. Incorrect encoding, such as single Cyrillic letters in place of the correct Western special characters, can also be an indication of an attack. If the attack is successful, it is usually followed by a short confirmation or a false error message to dispel the victim’s mistrust afterwards.
Spear phishing is a targeted attack. The name is derived from the English word “spear”. Attackers use the student council of a university to obtain the e-mail addresses of the students there in order to send them a targeted phishing e-mail in the corporate design of a locally based bank.
The “hit rate” is higher because the probability that a student has a bank account with this institution is very high.
With the help of “Trojans”, attackers physically place themselves between the customer and the bank in the communication path (man-in-the-middle attack). The data traffic can thus be intercepted so that it never reaches the bank.
Phishing attack targets include access data for online banking or online payment systems (e.g. PayPal). Attacks are carried out on the following facilities:
- Mail-order companies
- Internet auction houses
- Web-based online consultancies
- Packing stations
- Dating sites.
Consequences of identity theft:
- Considerable damage in the form of financial loss
- Damage to reputation
HTML e-mail makes it possible to design e-mails graphically, as in web design. Although the link text shows the original address, the invisible link destination actually points to the address of the fake website (link spoofing).
The ambiguity of visible characters can be exploited in e-mails as in websites. This deceives the user about the real address of the sender of a mail or the real URL of a website.
Through the use of HTML, the link visible in the e-mail program can actually refer to a completely different website. Information about it can additionally be falsified using scripting techniques, provided that the e-mail program runs such scripts. In other cases, the reference is displayed as a graphic to make text recognition by automatic filtering systems more difficult. The text then appears on the user’s screen, but it is an image.
In order to make the mail look more genuine, the sender’s e-mail address is also often faked in phishing.
Fake pages are very difficult to identify as fakes. Names or designations that sound similar to those of the official pages or companies are typical for fake landing pages.
The introduction of internationalized domain names in URLs opened up new possibilities for URL spoofing.
Original address: http://www.ue-nationalbank.rlp.de/
Fake: http://www.ü-nationalbank.rlp.de/
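As an added illustration (not code from the original article), the following Python example checks an HTML mail body for the spoofing signs described above: link text that shows one host while the link target points to another, internationalized host names such as the ü example, and single Cyrillic letters mixed into a Latin name. The function names, the finding labels and the sample mail body, including the host `www.fake-site.example`, are assumptions made for this example.

```python
import unicodedata
from html.parser import HTMLParser
from urllib.parse import urlsplit

class LinkCollector(HTMLParser):
    """Collect [href, visible text] for every <a> element in a mail body."""
    def __init__(self):
        super().__init__()
        self.links, self._open = [], False
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.links.append([dict(attrs).get("href") or "", ""])
            self._open = True
    def handle_data(self, data):
        if self._open:
            self.links[-1][1] += data
    def handle_endtag(self, tag):
        self._open = self._open and tag != "a"

def host_of(s):
    """Host of a URL or bare host name; '' if s does not look like one."""
    if "." not in s or any(c.isspace() for c in s):
        return ""
    try:
        return urlsplit(s if "://" in s else "http://" + s).hostname or ""
    except ValueError:  # malformed authority part
        return ""

def mixed_script(host):
    """True if one label mixes scripts, e.g. a Cyrillic letter among Latin."""
    return any(len({unicodedata.name(c, "?").split()[0] for c in label
                    if c.isalpha()}) > 1 for label in host.split("."))

def audit_links(html):
    """Yield (kind, host, detail) for each sign of link or URL spoofing."""
    parser = LinkCollector()
    parser.feed(html)
    for href, text in parser.links:
        target, shown = host_of(href.strip()), host_of(text.strip())
        if shown and shown != target:   # link text names a different host
            yield ("text-target-mismatch", shown, target)
        if not target.isascii():        # IDN: report the punycode form too
            kind = "mixed-script-host" if mixed_script(target) else "non-ascii-host"
            yield (kind, target, target.encode("idna").decode("ascii"))

# Constructed sample mail body; \u00fc is "ü", \u043e is Cyrillic "o".
SAMPLE = ('<a href="http://www.fake-site.example/">http://www.ue-nationalbank.rlp.de/</a>'
          '<a href="http://www.\u00fc-nationalbank.rlp.de/">Online banking</a>'
          '<a href="http://www.ue-nati\u043enalbank.rlp.de/">Support</a>')
```

Calling `list(audit_links(SAMPLE))` returns one finding per suspicious link; the third element of an IDN finding is the ASCII (punycode) form of the host, which makes the difference from the original address visible.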
Protection against phishing
General IT security tips on phishing emails:
A healthy distrust helps you recognize the signs of phishing. An e-mail without a salutation, written in bad language, that urges you to do something is one such indication. Most often, this email has a fake sender URL from abroad.