Tuesday, November 22, 2005

Phishing - whose responsibility?

‘Phishermen’ trick people into revealing their personal details (such as their passwords or credit card numbers) by imitating reputable websites. This is known as ‘phishing’.

Phishermen create websites that closely resemble the home pages of online banks and commercial websites such as eBay. They then use mailing lists to send out millions of emails that give the recipients the impression that they are receiving an official message from the website, asking them to confirm their security details by clicking on a link.

If the request is actioned, the person will be taken to the fake website, where they will be persuaded to attempt to log on, and as they do so their security details are recorded. The fake website tells them that an invalid password was entered and to try again, at which point they are often sent to the bona fide website, where the person successfully logs on.

The person is often unaware that a third party has now recorded their security details, and the bona fide website is not aware of any problem.

There are many variations, but in all cases it is an attempt to get people to part with security information that can then be used dishonestly by a third party.

Where security is breached in this way, who do you think should be held responsible for any loss?

Take part in this week's survey: Phishing - whose responsibility?
