Sir, Do not Phish here

posted Jul 22nd 2010 at 1:15PM | Filed under: Internet » Internet

Phishing is such a prevalent form of of cyber-crime these days - it's the art of fishing for information with a decoy email, link and other such ways that act as a bait for the victim. Phishing information is one of the most dis-honorable practices on the Internet.

Privacy of an individual's personal data is a raging issue - the famous comic-book vigilante Batman said, "Privacy is only a state of mind." In today's borderless and facebooked world, the problem is the trust-worthiness of people in the virtual village, who may unwittingly be a part of a phishing scam. As an example, see this entry of a malware and phishing attack on Facebook. This might be because their id's itself have been hacked, which cannot be detected. You might have seen many spam messages from close contacts.

There are many scams out there, the Nigerian scam, the UK lottery, iPad or other product gift vouchers, Chinese whole-seller websites but what came as a rude shock was a link from a personal contact. The person happens to be a 'trusted contact', and works for a reputed insurance company in Mumbai but the link the person sent was a phishing site. In many such cases, the 'trusted contact' will claim that the account was hacked or he/she did not know what it was. Furthermore, when I confronted the person of the wrongdoing he/she accepted it and asked me if I had indeed changed my password. The bluntness was even more of a shocker.

The link he tried to fool me with is here http://free.7host05.com/sharepic343/orkutlogin.htm

I would like the reader to try it by giving a false name and password as your orkut id and enter the information you would observe that you can still the picture by logging in with wrong information. The more important part is the URL read it http://free.7host05.com/sharepic343/

Submitinfo.asp it clearly reads Submitinfo.asp. This is not a proper url. In any case, if you do happen to click on such a link, immediately change your password and the security question. Also, keep the password of the primary email id different from the id in question. For me, it was revelation as it link rang a bell that nothing is safe on the Internet anymore. The person in question works for a reputed corporate and was clearly phishing for information. The actions are a clear neglect of right to privacy but more importantly the contact is trying to leverage himself with privileged information. Many users have their bank account details on email or a mail from their doctor or anything that an insurance company may use for any information. Is it the reason the person tried to access my id? The other question how can one be sure if the other person had indeed tried to access the information. In this case, he bluntly asked me.

An excerpt of the chat we had

Me: Why did u send me that link?

~A~: did u changed ur password

Me: u actually tried to log into gtalk with my id

~A~: ya i did

but password was not corrent

eithter u changed

or u supplied wrong one

The person in question could do it because he had setup a proxy link to collect information. Nevertheless, in doing so he might have had a prank in mind. Inadvertently though has actually pulled a lawsuit on himself and the company in question. As young teenagers with no motive, phishing was about pranks. In today's scenario, though phishing in a pond of corporate information is nothing less than a lawsuit. If you come across such links or people preying like vultures on your information sincerely request them not to Phish in the comments below! Alternatively, you can pursue it in a legal manner; contact your lawyer for more information.

TAGS:

Hackers, Phishing, Password, Data, Insurance, Scams

Google Maps displays Jammu &...

Google acquires Slide to build a...

To:
Message:
	Sir, Do not Phish here http://technoholik.com/news-internet/sir-do-not-phis... There are many scams out there, what came as a rude shock was a link from a personal contact. The...