What is Phisling and how to avoid it?

By abhishek at 8 October, 2009, 7:52 am

The first thing my 55 year old not so IT savvy boss told me when I reached office yesterday was, ‘Did you read today’s front page news? Some thousands of emails from Google and Hotmail have been hacked and posted online for every one of us to see.’ As a subscriber of Google News, I simply nodded for I admittedly had not received any RSS feed of any such news that morning! And then my boss enquired, “What’s this deal with Phishing?”

I am no expert in technology, but I didn’t want to look bad either. Hence, I did what millions of web users do when they want to know (and flaunt) about a thing of which they have no idea of. I logged on to Wikipedia.

Wiki defines phishing as a criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication. Man I love Wiki for being so ‘to the point’. In Lay man’s terms, you may receive a mail which looks as if it were from a bank or a financial institution where you are asked to enter details which are spoon fed to the hacker.

Also, the security of our mail id password is not as strong as our banking passwords. That’s not very reassuring. Less than a month ago, I couldn’t access my Gmail account because of some outage in Google’s servers and now this!

But it’s not as fatal as it sounds. Our information is safe in the databases of these Fortune 500 companies. So why the security breach? How did the hackers get hold of our confidential information? We are to be blamed partly for this. The users, i.e. all of us volunteer to give out our information on sites which we probably should not be visiting (like suspicious porn sites) or to be fair to us we may be lured into websites and get conned into providing our personal information for downloading stuff for free.

The fight against phishing is on; something to keep the cyber police busy. Recently, in a covert operation named ‘Phish Phry’, US and Egypt cast its net (pardon the bad metaphor) on 100 suspects. Unlike the recent hacking of mail ids, these hackers pulled off an enviable heist. The hackers used sensitive account data of people like you and me to access bank accounts at Bank of America and Wells Fargo and clean off all cash.

As long as the Internet lives, these attacks will continue. While we can attempt to be safe with our banking information by not giving it out carelessly, as a non hacker and an innocent internet user, how do we prevent ourselves from getting whipped with our mail ids? If the ingenuous hacker changes our password and we hit a wall, how do we retrieve it? Tech blogger, Amit Agarwal gives a series of simple steps that we can take in case of such eventuality. Yeah, believe it or not, you can recover your password even if the hacker has changed it at his end. Google will provide you a new one on your alternate mail id. Now, if you are one of the unluckier ones whose alternate email id has also been hacked, then you should probably stick to snail mail.

Have been often my blog, Why don't you subscribe to our RSS feed.

If you enjoyed this post, make sure you subscribe to my RSS feed! Hope to see you again

Categories : Technology