Jul 17, 2007

[Security] How aware are you about phishing?

Are you familiar with phishing?

Phishing is one of the new frontiers of malicious activity over the Internet. While malware does damage to computers and networks, phishing is more insidious and more malicious. The goal of phishing is to gain money. Its objective is to gain a person's logon credentials for known business, e-commerce, and online bank sites. Phishing takes several forms and combinations of these forms, but the most common is spoofing a Web site login page. There's also HTML email phishing; I am sure you have encountered spam emails purporting to have come from eBay or PayPal. I receive several of those every day.

Now, how well can you spot a phishing attempt? Take this quiz from McAfee SiteAdvisor. I got seven out of ten, so that means I have to be a wee bit careful. You will be surprised by the methods for determining whether a site is a spoof or not.

Why should you take phishing seriously? Quoting from CSO:

According to Gartner, between May 2004 and May 2005, roughly 1.2 million U.S. computer users suffered phishing losses valued at $929 million.

By this time, the amount should be more than a billion US dollars. That's serious money, and some people realized that there is a market for phishing. Hence, phishing kits are now available, allowing you to set up a phishing site/spoof Web site within seconds.

Be careful if you do online transactions, especially if they involve money.

(Crossposted from here.)

PS: Post your score in the comments. (I should have added this yesterday.)


  1. Phishing.. hmm, isn't that what you do when you stick a rod with a worm and a hook at the end in a body of water?


  2. you silly man.

    you aren't very good at sticking to a "blogging hiatus" are you?

    you might as well write "non-blog, background entries" for the Geeky Guide while you're at it, haha

  3. Seriously, that's the idea. Security analysts tend to "borrow" words. Wait till you hear about pharming.

    Ey, take the quiz and post your score here! Be honest he he.

  4. Ooh. I got 8 out of 10. Must be my lawyerly eye for detail.

  5. Ugh. 5/10. My eyes are already hurting, I didn't check the grammar that much (lesson learned). I was looking at the site design.

  6. Decent attempt still, Q.

    But yes, phishing is really tricky these days. Most folks normally get hit by those annoying "Yahoo Photos" fake pages sent via the YM network.

    Go figure.

  7. You are one scary geek, Rocky he he.

    Hi Q, that's why it is important for everyone to know more about online security. The good thing is that you took the quiz, and now you are more aware of phishing. That is the first step - awareness.