In recent weeks, clients of several hosting companies have been the victims of phishing attacks that aim to steal their login credentials in order to hijack sites. In this article I’m going to take a look at what a phishing attack involves and how web hosting clients can protect themselves.
One of the dangers of the digital world is how easy it can be for criminals to remain anonymous. The automatic reaction of most people who get texts is to respond to that text. A text from a stranger can easily be confused with a text from a friend and the next thing you know, your personal information has been compromised. When you learn the tactics of the scammer, then you can protect yourself from harm.
How It Works
This latest form of digital thievery is called SMS phishing because it’s using text messages to try and either hack into your smartphone and get your address files, or it’s trying to get you to go to a website or text back your personal information to a phone number. It’s happening more frequently, and it can be dangerous for smartphone users, especially those who have multiple accounts with similar passwords.
If you have an iTunes account that you use to purchase apps, songs, etc., then you were probably one of those who have been anxious in the past day or so. Reports that iTunes has been hacked spread like wildfire the other day. Posts in mainstream sites such as TechCrunch probably served to make people more anxious and alleviate fears at the same time. I say people probably got more anxious because TechCrunch showed proof that unauthorized (at least by the account owners) purchases had been made, but at the end of the post, there is a statement from Apple saying that they have not been hacked (which is still kind of a good thing).
So what is really happening? What happened? If iTunes has not been hacked, then why have so many people lost money via “illegal” purchases?
John Paczkowski of Digital Daily offers an explanation:
…not much to their assertion that Apple (AAPL) is at fault here. There’s no security hole in iTunes, and if you’ve been unfortunate enough to have hundreds of dollars in unauthorized purchases charged to your iTunes account, it’s likely because you’ve fallen victim to a bot attack or phishing scam–a variation on the one that’s been around for years now. Sources close to Apple tell me iTunes has not been compromised and the company isn’t aware of any sudden increase in fraudulent transactions.
More likely than not, the PayPal accounts of the affected users are the ones that had been compromised. Bottom line: iTunes is safe.
The question is: how secure are your PayPal accounts? This is happening now, it has happened before, it will happen again. Remember all those tips about passwords and phishing. They just might save you a whole load of money.
World of Warcraft players, beware! You are now the target of a group (or groups) of cyber criminals. The scam’s premise is nothing new – the cyber criminals send e-mails to WoW gamers, asking them to verify their Battle.net account. In order to do so, the gamer has to enter his password. Of course, the web site to which the gamer is directed is a fake one, and once the details are entered – poor gamer!
Discovered and made public by F-Secure, a Finnish antivirus vendor, the scam is only one of the tactics that various cyber criminals are using. Another ongoing tactic is that someone sends you a chat message on WoW. This is in relation to the new Cataclysm beta. Spam Fighter shares the details:
Tom Kelchner, Security Researcher at Sunbelt, states that his friend Douglas got one message in a chat session from a person who employed the handle “BlizzalCOL” during the WoW game. He told him about the availability of the beta so the Cataclysm on the World of Warcraft map could expand, as reported by Sunbeltblog on July 13, 2010.
Kelchner further wrote that the message spread via an URL that took to Cataclysmtest.net looking like the login page of WoW.
He added that to determine the destination of the Cataclysmtest.net, he fed an unreal username and password to the site. Surprisingly, they were accepted, implying that the site was possibly stealing login information. Hence, it was a phishing site.
With WoW accounts being in high demand – especially those who have well-established characters – these developments are not surprising at all, are they? Needless to say, WoW players ought to be even more careful about using their login details.
In the first part of our expedition in the land of phishers, we learned the various methods that they use to deceive unwary victims. Before going on the second part of this phishing journey, let me remind you that I did not publish the first of this two-part article to cultivate the phishers inside us. I am writing this merely to inform you of the dangers such attacks might cause by showing how they work. It is actually in this second part that I will tell you how to avoid any kind of phishing attacks. Having said that, let us begin with a few statistics and cases that I gathered all over the Internet to strengthen your urge towards phishing awareness.
Giving Man a Phish
Phishing can deal a wide array of damages, ranging from inability to access your online accounts to loss of virtual financial resources and even your virtual identity, if you are the type of person who uses one or two passwords for all your accounts in the web. To further illustrate how damaging phishing can get, let me show you some cases and figures.
RSA’s Anti-Fraud Command Center or AFCC, a group dedicated to detecting, monitoring, tracking, and closing phishing sites, has shut down over 60,000 phishing attacks throughout its existence. It has created reports on phishing kits, international domain attacks, and the spread of malicious programs, all of which we discussed in the first article.
Last November, AFCC detected a phishing website that spoofed YouTube, the popular website that hosts user-generated videos. With a very big number of people aware of what YouTube is, phishers decided to send e-mail messages asking the user to click on a link with YouTube content in it. Once clicked, the spoof YouTube website then displays a message telling the user that the video is unable to play because of certain reasons, requiring the user to install a Flash player. The spoof site further offers a link to a supposed Flash player installation file, which in fact is a link that downloads malicious programs or malware to the user’s computer. Clever and nasty!
Going further back to October, a group of phishers instead used internationalized domain names, or IDNs: web addresses that can be written in the local script of a country. Through IDNs, international websites can use the native language of the country where a website is opened. That same feature lets phishers disguise a phishing URL by using characters from alphabets other than the usual ASCII (American Standard Code for Information Interchange) set, so a URL can look genuine even though it is written with different characters. Although the attack that the AFCC discovered did not attempt to spoof a genuine domain, because the phishers behind it didn’t fully realize and utilize the advantages of using IDNs for identity theft, the existence of IDN phishing alone was enough to alert the AFCC and shut such activity down.
Also last October, Microsoft released its Security Intelligence Report, covering phishing throughout the first half of the year 2007. In the report, Microsoft stated that over the first six months of this year, there had been a 150 per cent increase in phishing activities, amounting to 31.6 million scams. They also found out that two Trojan horse families that infect computers actually steal confidential data from the victim, and as such, can be considered phishing scams as well. Further, there was a 500 per cent increase in downloaders of malware like key loggers and password stealers.
In its latest studies and discoveries, the Anti-Phishing Working Group or APWG, an association that aims to eliminate phishing attacks throughout the web, detected 32,079 phishing websites last August and 30,999 last July. Over 90 per cent of those phishing websites in both records have online finance and transactions as their target, more than half of them targeting European institutions. Approximately 20,000 to 30,000 of the reported phishing websites every month comprise unique phishing attacks. Also, based on APWG’s reports, there were 110 to 180 brands hijacked by phishers every month, August’s being 129 while July’s is at 126.
The APWG discovered 294 unique key loggers last August, and, as we have discussed earlier in the first article, key loggers allow phishing, which can further lead to the spread of other malicious programs like how the ones above did. The highest recorded number of unique key logging variants amounted to 345, which came into being last January of this year. Also, the group was able to record unique URLs containing key loggers. Last August, there were 2,880 URLs with password-stealing codes. The highest number of URLs with coded key loggers this year, according to APWG, was last May, with 3,353. The records under URLs containing key loggers range roughly from approximately 1,500 to 3,400 reports.
And finally, some good news. Javelin Strategy and Research, a website created to aid in topics that are finance-related, released a report on identity fraud against business and online transaction services. In the report, it showed a decrease in the number of U.S.-based adult victims of identity theft from 2003’s 10.1 million to 2005’s 9.3 million and even to 2007’s 8.4 million. Phished money decreased from $55.7 billion in 2006 to $49.3 billion in 2007. Moving along, Javelin found out that at the most common time, every victim has to wait 40 hours for a resolution to come, and that was in 2006. Today, every victim only has to wait for 25 hours before the phisher is detected and proper action is taken.
You can search Google for more information on phishing statistics. I just showed you four studies and results that discuss phishing activities this year. And finally, I will present the ways to keep phishing activities from getting you.
No (More) Phishing Allowed
Although it is generally hard to spot phishing clues as they have evolved to more complex, more believable, and seemingly perfect replicas of the websites they are spoofing, there are still ways to implement the lesson: Prevention is better than cure.
Basic education on websites and programming is one of the key social responses, as a user who doesn’t really know the goings-on behind computer processes tends to just click away or type in confidential details and wait for the result of their action, which is often too risky. Remember, there is no undo button when you just “click away” or “type away” and “wait for results” from the opened website. If you initially don’t trust the sender of the e-mail message containing the link, don’t click the presented URL address or enter any confidential information.
Also, being a little observant can help you to distinguish whether a visited website is phony or not. Let’s have phlashing, for example. If you know that the website often opens as a text-and-image type of page, try right-clicking on the page you are visiting. Spare a few seconds to check if you right-clicked on a web page or if you right-clicked on a Flash page, for you might be visiting a phlashed web page instead of the original. Simple precautions like that still are the best.
On a second note, there are things that your online accounts know that phishers don’t. Let’s take PayPal for example. Messages coming from PayPal usually address you by your whole name, which it took from its database registry as you have input it there, so seeing something like “Dear PayPal Customer” should make you doubt the message initially.
Learn the difference between http:// and https:// (note the ‘s’ among the alphabetic characters). The https:// is a scheme used to indicate that the website employs a security method. In technical terms, http:// allows access to resources using a protocol that transfers contents into your browser. In https://, however, there is an extra encryption and authentication layer standing between that protocol and the network connection. The layer allows secured communication between the user and a service provider. And https:// stands for Hypertext Transfer Protocol over Secure Socket Layer. Having an https:// should mean that you are doing a sensitive transaction, so also check the certificate of the website using such a security scheme.
Further, websites that ask you to act on certain measures often include notices on their own website, like PayPal asking you to confirm a sent or received amount of virtual money. Instead of clicking the link, try manually typing the address in the URL bar and log in directly using the website’s home page and not through the supposed website the link in your e-mail message follows. Your identity is safer that way.
Same goes with voice phishing. If you are dubious that the number appearing in your e-mail message is genuine, try contacting the company’s trunk line first, and from there, make your way to the transaction you are supposed to verify.
Although a lot of phishers are good at knowing details and facts about you, you are still the master of your virtual household. Learn to use several passwords instead of just one. By that, if a phisher gains access to, say, your blogging account and get ahold of your e-mail address, if you have different passwords between your blog account and your e-mail account, they cannot access your more sensitive account with your blog account password simply because the phisher knows the wrong password to the right account.
Other than the usual social response to phishing, once you have learned the basics of the craft of programming, you can employ certain technical measures when checking if the site you are viewing is phished or not.
Use your anti-phishing toolbar. I know I mentioned in the first article that despite checking websites if they are identified as spoof websites, anti-phishing toolbars are still not efficient. That is because you just let your toolbar sit on your computer while you wait for it to react. Not all automatic things are secured, so may I repeat again, use your anti-phishing toolbar. Get the ones that display the real address of the website along with a few details regarding the website. To use it, compare the address you visited from the data the toolbar gave you. If somehow some details didn’t match, doubt the website immediately. Just by that, you can avoid being phished 80 per cent of the time.
Browsers are knowledgeable, too, when it comes to phishing. Internet Explorer 7, Firefox 2.0 and Opera 9.1 each implement their own anti-phishing programs as the toolbar versions do: IE7 uses a measure developed by an independent testing company; Firefox 2.0 uses Google’s anti-phishing software; and Opera 9.1 uses an array of phishing websites as a checklist for whether the visited website is a spoof or not.
Other than just keeping anti-phishing toolbars and browsers, update them too. Roughly 100 phishing attacks are launched every day, so if they are easily detected by your computer, you aren’t only helping yourself but others as well, because there are Internet communities that allow sharing of lists of identified phishing websites.
Even website owners have done their share in the fight against phishing. Some website hosts have altered logos and images to alert the user if the site they visited has malicious code within it. Servers do the warning in this anti-phishing action as they send out warning messages if they cannot recognize the phisher’s embedded image after the change occurs.
Some websites also employ security through sharing web objects, which are available only between the website and the user’s computer. A good example here is Yahoo! Mail, with its Sign-In Seal, a secret, according to Yahoo!, between the computer where it was set up and the mail service. The seal will be an indicator that it is the genuine Yahoo! site, because only you and Yahoo! can distinguish the image.
In relation to Yahoo! Mail’s Sign-In Seal, security skins are also implemented to tell users that a website is genuine. This scheme also uses a user-selected image, but this time, instead of sharing between the user’s computer and the website, security skins share images between the user’s computer and the browser only. It will be more secure than the previous scheme as it relies on mutual authentication and your browser is not available around the Internet.
It seems that even the systems used by e-mail service providers have learned their lessons. They now have spam filters that can reduce phishing e-mail messages and report them to the authorities at the same time.
If you are the techie type of person, then you might know enough about how things go within the Internet world that you can employ more advanced technical measures than the previous two above. If you have heard of specialized Domain Name System (DNS) services, then use one. Such a DNS service acts like a firewall as it filters phishing sites from the ones you visit or have visited already. It works with any type of browser too. Further security measures require outsiders to monitor and check whether the company is likely to be the target of phishers. Such stand-alone security groups give out analysis and assistance for a company to avoid being phished, as it would be a grave financial damage if a company fell for a phishing scam. Moreover, individuals who know anti-phishing measures can be hired to check and report any loopholes that the company has. Better have an expert around!
Being initially doubtful of seemingly unexpected e-mail messages and website changes can often lead you to safety, so keep a close watch on your virtual surroundings. There you go, mate! Take care, and have a nice and phishing-free day!
The Internet is a vast world, so vast that it somehow is an existence similar to our real world: IP addresses for home addresses, e-mails for snail mails, even calling-enabled messengers for telephones and mobile phones. But a world is not a complete world without its prevailing crimes, right? If so, which crime is as widespread in the Internet as robbery is to the real world? It’s phishing.
Phishing is an act of illegally acquiring sensitive information, like usernames and passwords, from an unsuspecting user. The word comes from fishing, where you use worms as bait to catch fish; phishing uses trustworthy websites (usually the online transaction types like eBay and PayPal), e-mails, and online messengers as bait to catch unaware users and get sensitive information from them. But unlike computer viruses, which attack the computer’s internals, phishing deals more serious damage on a personal, commonly financial level.
There are numerous ways for malicious Internet connoisseurs to phish out sensitive information. People who depend on Internet-based transactions should be wary of these phishing techniques that we will discuss next.
The most common of all phishing techniques in existence is link manipulation which, as the name states, directs your browser to a website different from the original website you are to visit through fiddled links. Link manipulation usually comes in the form of an e-mail message from what you think is your trustworthy website. Let’s look at a scenario that shows how link manipulation works.
You are checking your e-mail account when suddenly you receive a notice telling you to protect your PayPal account. As you click on the e-mail message link, you read through a seemingly original PayPal message, telling you that PayPal administrators have “noticed” that you attempted to log in using a foreign IP address (a clever alibi, I must say). In the middle of the baffling message appears a highlighted sentence telling you to verify your account, followed by the manipulated link. And after that, a frightening message appears: “If you choose to ignore our request, you leave us no choice but to temporarily suspend your account.” That really leaves you no choice but to follow their manipulated link. Since you cannot afford to temporarily lose access to your virtual bank account, you clicked on the link, which opened the website created by the phisher. On the webpage, you are asked to enter your username and password to “log in” to your account. Thinking that you are furthering the security of your PayPal account, you provided the username and password, et voila! The phisher now knows your username and password and can eventually use them for his gain!
Often, such spoof websites have very minute differences from the original, so the link can go unnoticed by a careless eye. Phishers use subdomains in order for their spoof link to keep a reference to the spoofed website, without really connecting to it. Also, phishers trick their victims by using deceiving anchor texts, the words or phrases that stand for a link in a website. Through them, the spoof website looks legitimate since the anchor texts act as cover for the phishing link. And on a more complicated note, phishers can also use redirectors of Uniform Resource Locators or URLs to hide their phishing links behind trustworthy websites and domains.
What if you installed an anti-phishing filter to detect phony text contents of e-mail messages and web pages? Think you are safe enough? Think again. Phishers have seen through this, and their methods evolved from phony, plain text messages sent via e-mail providers. Filter evasion methods include using other web objects like images to keep their manipulated links from being detected by filters.
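The link tricks described above (a brand name used as a subdomain, deceptive anchor text, URL redirectors), together with the IDN look-alike hosts discussed elsewhere in this article, can be checked mechanically before anyone clicks. The following Python script is an added example, not code from the original article; the brand list, the suffix list, the finding names and the sample e-mail are constructed assumptions.

```python
"""Flag deceptive links in an HTML e-mail body (added example, constructed data)."""
from html.parser import HTMLParser
from urllib.parse import urlsplit, parse_qsl
import re

# Assumption: brands the reader cares about and the domain each one really uses.
BRANDS = {"paypal": "paypal.com", "ebay": "ebay.com"}
# Assumption: tiny stand-in for the Public Suffix List, enough for this demo.
TWO_LABEL_SUFFIXES = {"co.uk", "com.au", "co.jp"}
# A host name written out in the visible link text, with or without a scheme.
HOST_IN_TEXT = re.compile(r"(?:https?://)?((?:[a-z0-9-]+\.)+[a-z]{2,})", re.I)


def registered_domain(host):
    """Return the part of the host that was actually registered by someone."""
    labels = host.lower().rstrip(".").split(".")
    if len(labels) >= 3 and ".".join(labels[-2:]) in TWO_LABEL_SUFFIXES:
        return ".".join(labels[-3:])
    return ".".join(labels[-2:])


class LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a> element."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def check_link(href, text):
    """Return a list of finding names for one link (empty list = nothing odd)."""
    parts = urlsplit(href)
    if parts.scheme not in ("http", "https"):
        return []
    host = parts.hostname or ""
    reg = registered_domain(host)
    findings = []
    # Deceptive anchor text: the text shows one site, the href goes to another.
    shown = HOST_IN_TEXT.search(text)
    if shown and registered_domain(shown.group(1)) != reg:
        findings.append("anchor-text-mismatch")
    # Brand used as a subdomain or label of somebody else's domain.
    # Substring match is a heuristic and can over-report (e.g. "thebay").
    if any(b in host and reg != legit for b, legit in BRANDS.items()):
        findings.append("brand-in-foreign-host")
    # IDN: non-ASCII characters or a punycode ("xn--") label in the host.
    if any(ord(c) > 127 for c in host) or any(
        label.startswith("xn--") for label in host.split(".")
    ):
        findings.append("idn-host")
    # Redirector: a query value that is itself a URL on a different domain.
    for _, value in parse_qsl(parts.query):
        target = urlsplit(value).hostname
        if target and registered_domain(target) != reg:
            findings.append("redirect-param")
            break
    return findings


def scan_email(html):
    """Return [(href, findings)] for every link found in the HTML body."""
    parser = LinkCollector()
    parser.feed(html)
    parser.close()
    return [(href, check_link(href, text)) for href, text in parser.links]


# Constructed sample message; \u0430 is CYRILLIC SMALL LETTER A, not Latin "a".
SAMPLE_EMAIL = """
<p>Dear PayPal Customer, we noticed a login from a foreign IP address.</p>
<a href="http://www.paypal.com.account-verify.example/login">https://www.paypal.com/verify</a>
<a href="https://www.paypal.com/help">Help centre</a>
<a href="http://p\u0430ypal.com/login">Verify your account</a>
<a href="https://shop.example/redirect?url=http%3A%2F%2Flogin.example.net%2F">View order</a>
"""

if __name__ == "__main__":
    for href, findings in scan_email(SAMPLE_EMAIL):
        print(f"{', '.join(findings) or 'ok':45} {href!r}")
```

Printing the href with `repr` makes the non-ASCII character in the third link visible as an escape, which is the quickest way to see a look-alike host for what it is.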
Phishers can also use fake web pages to phish out information. This method is known as website forgery, which comes in two devilishly wise packages.
The first method of website forgery uses scripting methods to conceal the manipulated link in the web page’s address bar. Commonly, phishers imitate the address bar logos of trustworthy websites and put them beside URLs of their deceiving website. Further, the phisher’s scripts can even close the address bar containing the phisher’s link, replacing it with an address bar containing the genuine URL to obscure the website’s identity.
The second method of website forgery is done through exploitation of a website’s flaws. Cross-site scripting or XSS uses a website’s programming defects to trick an unsuspecting visitor. XSS is a very convincing phishing technique, because what it does is open the authentic website wherein the victim fills up forms for usernames, passwords, and other confidential information. But upon submitting the page, XSS scripts start working, linking you, the persuaded victim, away from the authentic website and into the phisher’s own. Sometimes, the phisher wouldn’t even need their own websites, for their script is enough for the deception to occur. Such phishing attack is difficult to detect just by merely “looking around” the website. Without prior knowledge on scripting and the like, you will never know what hit you, or in this case, you’ll never notice that you got robbed virtually.
This case is turned from bad to worse by the fact that there exist phishing kits, programs with user interfaces that allow reproduction of websites and creation of their fake versions. Such kits are often used by script kiddies—malicious but amateur programmers who cannot develop their own set of wicked programs, using programs that other malicious programmers like hackers developed. Man-in-the-Middle is one example of phishing kits that enables despicable pseudo businessmen to “mediate” between legitimate online businesses and their clients. Man-in-the-Middle channels information from a business website to a fraudulent website and vice versa in order for the amateur phishers behind the crime to communicate with their victims. Through this, the crime perpetrator can easily capture the victim’s confidential information in real-time setting. This technique spreads phishing to the not-so-knowledgeable script kiddies to build a growing network of virtual criminals. Also, the kit was so flexible that it can be customized based on what type of online business the script kiddie criminal wants to target. Further, the fake website can easily interfere through the transactions between the original website and the victim by “importing” from the target website the victim’s sent information, meaning all credentials of the victim can be viewed and acquired by the phisher. Fortunately, the said phishing kit was discovered by the anti-fraud division of an American software and systems manufacturer.
Internet frauds don’t only involve websites. When you receive an e-mail message telling you to dial a certain number, doubt it immediately (unless you are expecting some transactions from the website, of course). This might be a voice phishing attack. If you dial the number provided by the phisher in the e-mail message, voice prompts will ask you to key in numeric information about your bank account, like your account number and PIN. Phishers have arrays of faking techniques to employ to fool users. They can use fake caller IDs to give the call a legitimate, trustworthy feel, an IP service that provides voice-overs to communicate with you in a real-time setting, and even access to information keyed through a landline phone.
Although there are anti-phishing toolbars that check websites if they are one of the identified spoof websites in an Internet-wide database, phishers have found a way to further conceal their identity from anti-phishing programs which evolved from mere filter evasion. Introducing: the phlashing technique.
Confident that the anti-phishing programs are the ultimate salvation from phishers, users get that false security feeling that they are protected from any kind of phishing attack. Sadly, phishers were able to think outside the box (or the four corners of the webpage window) and learned to use Macromedia Flash animations as means to create their spoof websites. Such knowledge, in essence, defeats the purpose of anti-phishing services “with the phisher’s hands tied behind his back.” Since anti-phishing programs scan only the text contents of a suspicious website, phlashes can just pass the anti-phishers with flying colors.
As the phishing activities evolved, cyber criminals developed their wicked craft even more, anticipating possible reactions from the security militia of the Internet. Phishers even entered the world of compressed files to easily spread chaos among networks of banks and online transactions. Developing a somewhat plug-and-play phishing network using zipped files on hacked networks, web cons enjoy a phishing spree just by unzipping certain files in a subdirectory of an exploited website. Falsely becoming part of the target website, the unzipped spoof files inside the website’s subdirectories will look just as legit as the directories above it.
Social Network Phishing
Although this only comprises a small percentage of phishing activities, social network phishing is just as grave as its ancestors in the sense that it attacks major groups of web users at once through online community websites. In here, a phisher targets a certain social network like MySpace or LiveJournal, planting in those websites some botnets, automatic and autonomous programs run remotely by a hacker. Although there isn’t much money involved in social networks, phishers still consider them their pot of gold as it is very easy for them to spread key loggers, programs that can capture every keystroke of the user. Phishers use such networks in order to hopefully capture a home computer that is often used to shop online or store money via online banks. Further, most of the people in social networks use the same password for any and almost every account they have in the Internet universe, including their e-mail addresses where most confirmation messages for online transactions are stored. That and the fact that key loggers can acquire passwords are enough warnings for amateur people who use the web for transactions. Other typical social networks that phishers target are bulletins, forums, commentary, and profile websites.
There is another form of phishing that attacks big groups instead of just a single person, and that technique is known as spear phishing. In terms of attack deployment, spear phishing somehow resembles the exact opposite of social network phishing because the former uses somebody from the organization to set up the attack, as compared to the latter, which uses a community website to attack individual users.
Spear phishers actually need three things in order to execute an attack to an organization: (1) an identity of somebody within the organization, preferably a person with high authority to make the attack convincing, (2) wide knowledge about the company’s transactions and daily activities to back up the validity of the phish, and (3) a seemingly valid and well-researched reason for requesting confidential data like the PayPal account of one of the company’s departments. If these three are already available to the phisher, then the spear phishing comes to actuality, as described below.
In spear phishing, after finding a website suitable for the attack, the phisher acts as if he is a member of the website’s company with a position of authority. This step utilizes the first of the three requirements to conceal his identity and at the same time, be more convincing when he would be sending requests for confidential information. However, before he creates the fraud e-mails, he has to first look for traces of financial and confidential information, which he can use to further infiltrate the company, supporting the validity of his next move. In that step, he utilizes the second requirement. And lastly, the crime perpetrator then drafts the e-mail message directed to the company, using as reason the third requirement, in order for the phishing to take place.
The typical information that the spear phisher requests in his fraud e-mail message are the same as any kind of phisher would ask: usernames, passwords, account numbers, and the like. But furthering the attack, the spear phisher provides a manipulated link that, once clicked, will download a malicious program into the computer of the victim.
Phishing is as varied as robbing is in the real world. And with the many techniques above, with some even requiring phishers to study and improve the technique, I can’t help but wonder what the driving force for a phisher to phish is. Let’s explore a phisher’s mind in the next section.
A Net Full of Phishes
Every day, an average of 10 phishing attacks are developed to dupe varying online transactions. However, in this constant increase, the concern of people is more directed to stopping phishers by putting up layers and layers of phishing security programs. Fortunately, I am one of the few people who have heard of the saying: “Prevention is better than cure;” so I decided to learn what goes on inside a phisher’s mind. Upon researching phishing and trying to figure out how a phisher’s mind thinks, I stumbled upon a website that had published an article discussing how it is to be a phisher.
In the earlier years of phishing, a phisher is known to be someone who experienced being phished or had witnessed somebody suffering from the damages of phishing at one point in his earlier life. Given that he or she had ample background of the Internet and its programming styles, then that person can imitate the phishing attack that got him or somebody close to him to do revenge or simply to acquire personal, financial information. But with the dawn of phishing kits, almost anyone can do it, like the novice script kiddies mentioned above.
In the course of a normal phisher’s life, he or she “gains” a multitude of virtual identities, acquired using the techniques we discussed above. Often, they can no longer track all those whom they have phished that they start building databases of phished credentials from their victims.
Phishers don’t stop when they have acquired some identities. Even though they are getting enough money from a good number of victims, phishers are still so insatiable that they started resorting to social phishing. Usually, social networks contain e-mail addresses, which are accessed by the phisher once he gets hold of his victims’ passwords through key loggers. Upon looking around the e-mail addresses of his victims, the phisher can then determine how much his gains will be. At times, when the victim is registered to online transaction websites like eBay and PayPal, the phisher sells the accounts to scammers, who will be the ones doing the stealing.
When they start phishing, phishers become very meticulous virtual entities as they try to select the best Internet services to handle their attack elements: a convincing domain and an anonymous, often offshore host to carry out their spoof websites and Internet files and connections. Second, the phisher checks the page source of his target website, studying it to identify where he can place certain codes that will do the phishing for him. Third, he develops the spoof website with care and keenness so as to make it believable. After that, he will include certain scripts that will transfer information from the spoof page to his server using scripting languages for backend of websites. Lastly, he will deploy the spoof web page using any or all the techniques shown above, and wait for the “phished to take their bait.”
Phishers can fool as many as 10,000 people every day. But to remain hidden from such a big crowd, a phisher has to use his own virtual private network, a personally dedicated server, a copious amount of proxies, and encryption of his network signals that travel to and fro.
Finally, the reason why a phisher can still catch a good haul these days is that their adversaries, the good guys of Internet security, are so “lazy” that phishers maintain a firm step ahead of them.
That’s pretty much it for the first part of our expedition in the world of phishing. In the second part, we will learn how to stop or avoid malicious phishing activities. Stay tuned!