phishing-computerPhishing

Phishing is the attempt to acquire sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity in an electronic communication.

Example: Hacker sends out an email to send users to a login page that collects user names and passwords. The page may even send the user to a legitimate website.

Defense: Users can be educated to be more suspicious.
Users can run anti-Phishing software. Often, it’s part of their Antivirus package.
Websites can be designed so they will be obvious to a user when they are not on the “real” website.

Examples:
No ‘Phishing’: Banks Try to Sink Scammers (2.5B spent on anti-phishing last year)

What are Banking Trojans

Fresh Phishing Scam Pretending to be Halifax Bank Detected

5 examples of spearphishing attacks