Phishing: don't get hooked

Phishing: don’t get hooked

With one in every 400 emails now a suspected phishing attack, computer users are being encouraged to increase their knowledge, open their eyes, and pay attention. Indeed, as cyberspace has no police force to patrol its endless corridors, individuals and organizations must ensure that they look out for their own interests online.

The rise in phishing attacks points to the need for people to look out for themselves online.

According to a report published by three academics from Harvard and Berkley universities, a well-crafted phishing attack is almost impossible to spot for most users, and hence the rapid growth in phishing-related scams.

Consumer phishing attacks still far outnumber those specifically targeting businesses and institutions, but this news should not lull network security managers into a false sense of security, as we will undoubtedly witness an increase in this aspect of phishing in the months ahead.

Although not targeted directly as yet by phishing scams, commercial and public sector organizations are already suffering losses as a result of these attacks, as their brands and online assets are reused by spoof emails and counterfeit websites. With losses accruing in the form of brand deformation and fraudulent transactions, companies and institutions in the public eye must do everything within their power to minimize the impact of phishing on their customers and on their corporate image.

The aforementioned research published by Messrs Dhamija, Tygar, and Hearst in 2006, provided us with the first real empirical evidence to suggest that many of the familiar security indicators in common use today are not effective when it comes to protecting users from phishing attacks. By studying phishing attacks dating back to 2003, the group identified three main dimensions along which attacks took place: lack of knowledge, visual deception, and lack of attention.

The participants in the phishing study ranged in age from 18 to 56, were students and university staff, and had varying levels of education. The tests reveal some interesting results, but the bottom line was as follows: a well-constructed phishing website was able to fool 90% of participants.

Web browsers, email clients, and computer operating systems designed for another age must continue to harden and evolve, and, ultimately, we the users must become aware and responsible for our actions online. So, as the UK government-sponsored Get Safe Online website tells us: There is no such thing as ‘the internet police,’ and therefore individuals and organizations must look out for their own interests in cyberspace.

Source: OpinionWire by Butler Group (www.butlergroup.com)

Sign up for our weekly news round-up!

Sign up to the newsletter: In Brief

Sign up for our regular news round-up!

Sign up for our weekly news round-up!

Sign up to the newsletter: In Brief

I would also like to subscribe to:

Thank you for subscribing