Spyware-Gone

Phishing is the practice of sending spam emails, the bait, to try to get you to part with your money. Phishers claim to be a trusted organization, such as a bank, credit union, a paying agency like PayPal or an online merchant.The email will be couched in urgent terms and will often claim that the consumer must take action immediately, to avoid some catastrophic scenario such as closure of the account. Once the recipient of the email either responds by email or clicks on a link in the email, the victim is taken to a site controlled by the phisher. The phisher's web site is designed to ape the site of the trusted company. The consumer is then encouraged to enter personal information, such as account number, password, or Social Security number. When the user enters such data on the fake site, the phishing attack has succeeded at its first goal, to gather personal information fraudulently. The following attempts at to convert this data to an outright fraud take many avenues. Important examples of this are bank fraud, such as by hijacking the consumer’s account, or credit card fraud, by using the personal information to buy goods or services.

Usually the phisher sends out millions of emails, most of which end up in the inboxes of people who do not have a relationship with the entity that is being used as a trial horse. While these people are unlikely to take the bait and the phisher relies on the minute proportion who do have an account with that instruction. A new variant called spear-phishing, utilizes an attempt by the phisher to improve the odds of success by targeting a relatively small group, often by leveraging institutional affinities. An example would see the phisher searching the public web site of a university or government agency for the names and email addresses of employees, then sending those individuals emails that purport to be from the credit union which serves them. This target-marketing is evidence that phishers are becoming more sophisticated and efficient.

The variant known as pharming, refers to attacks on the domain name system, so that a consumer typing in a legitimate site gets diverted to a fake site without realizing it. In this kind of attack, the problem is that the routing system of the internet is compromised and the user's computer infected with spyware or other malware. The spyware can be "piggybacked" onto legitimate software, and the user may accept it not knowing what it does, or the user might use low security settings that accept it. When this software seizes consumer information, it is part of the larger identity theft and fraud problem.

"Keystroke loggers" record actions typed into the consumer’s keyboard."Screen scrapers" are able to capture images of what the user sees, giving the criminals access to the information on the screen. When keystroke loggers or screen scrapers are on a consumer’s machine, then there is usually additional software to "phone home" to the criminals, so that they can receive what the spyware has learned.

Another way that consumers are tricked is when software covertly directs them to spoof web sites operated by the criminals. This kind of hijacking is similar to pharming. The user types in a legitimate web address, but gets sent to a spoof site that fraudulently gathers data.

Other kinds of deceptive download attacks can pose serious threats to individual consumers or to the security of the Internet more generally. Home computers can get turned into "bots" that can launch attacks to other computers. Some of the latest phishing virus "applications" are capable of a form of artificial intelligence, in which the invading software learns how to sense when and where it was being detected, and then adapting to evade removal and continue to operate. As phishing evolves, it is necessary to anticipate new threats and how to counter them. At each step, various counter-measures could reduce the likelihood of the consumer being harmed by the phishing attack.

Moral of this is for you to protect all your financial records. If the records are housed on your computer, ensure they are a safe "vault" rather than close to the surface where a successful infiltration will be able to access them easily. Check your bank data frequently, daily if possible. Encrypt everything that would allow a criminal to access your acounts. Keep your bank records and other financial data up to the minute at all times and query all charges made against your accounts and cards that you don't recognize.

Stay safe! Know the signs and the latest ruse to get your money and other assets.

How Can Someone Steal My Identity
...
how-can-someone-steal-my-identity.php

Viruses, Trojans And Worms Oh My!
The odd virus from time to time was bad ...
viruses,-trojans-and-worms---oh-my!.php