Similar to the method used in phishing emails, the fraudsters also use the legitimate logo of a company and put it on their fraudulent website. They also imitate the fonts and colors to mimic the original company's website.
The fraudsters are increasingly using URL beginning with https:// instead of http://. The letter "s" in "https://" indicates that the company has been issued an SSL certificate (Secure Sockets Layer), which means that any information within the process will be transmitted through a secure connection.
Clicking on this link will open a security alert which will tell the users that the certificate used by the company may not be the one that the users should trust. This is where the users' gullibility lies. People may tend to ignore this alert because it also pops up when users are accessing an authentic website which has a trusted security certificate.
JavaScript allows fraudsters to phish certain browsers. Internet Explorer, especially the older version (IE 5.5), is quite vulnerable towards phishing attacks. In PayPal scams, phishers used JavaScript to show the fraudulent websites only when the users were using Internet Explorer as their internet browser. If the users were accessing through any other browser, they were directed to the real PayPal website.
The fake web page may put a picture or another table as an address bar which contains the fraudster's bogus address. In Microsoft Windows Millennium Edition and Microsoft Internet Explorer version 5.5, the table will overlay the real address bar and users see the fake address bar. But this will not happen in systems which have Microsoft Service Pack 2 installed as it prevents the hiding of the address bar.
Fraudsters also use pop-up windows to gather users' information. The pop-up window often overlays the real website and asks the users to fill in their confidential data. This is meant to enhance the credibility of the fake website. Some fraudsters even use JavaScript to reopen a window when it is closed until they get the information they want.
When a phishing attempt is successful, phishers will send an alert saying that users cannot access their account for a certain period of time. This is actually an effort to keep the users from checking their accounts, giving time to the fraudsters to withdraw as much money as they can.
Virus-Installation Phishing
Emails and websites are not the only tools in the hands of phishers. Phishing attacks are becoming more sophisticated. Phishers plant Trojans in the victims' computers. How do they do that?
They send an email without a subject line and no text in the body of the message. Once the email is opened, it will force Internet Explorer to download the virus from a remote machine. The download will then set up the Trojan which is able to collect the information in the computer and send it to the fraudster's remote machine. The dangerous part is that the owner has no idea that a phishing monster has been installed in his computer.
In 2004, phishers created a virus named Scob that infected thousands of websites, even the trusted ones. Affected websites contained malicious code that could set up a key logger in users' PCs.
A key logger (or keystroke logging) system records the users’ keystrokes. In such phishing cases, a key logger would be very dangerous as it can record credit card numbers, bank accounts, and passwords and send them to a remote machine in another part of the world. We would not know that when we key in our confidential information, some people far away may just observe us and steal our passwords. Once that happens, our entire savings can be gone within 24 hours.
Previous Page
Next Page