What are phishers?

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

Hey guys - just been reading a news article and came across something about phishers and I have no idea what they are - can anyone explain?

Sensible answers only though please guys! (Yeah, as if you guys would ever give me anything othen than sense eh! )

 

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

Hi Rosy,

Basically, a phisher is an internet scam artist. Example: you get an email supposedly from your bank (or paypal or whatever) saying that your account information has expired and needs to be renewed. You are told to click a link and re-enter your username, password and other confidential information. You click the link and arrive at a site that looks pretty much like your bank's site (look for differences, bad spelling, etc). You enter all your confidential stuff and it turns out this is not your bank's site but a site put up by a black hat to rip you (and alot of other people) off. Here's the definition from webopedia:

http://www.webopedia.com/TERM/p/phishing.html

 

thats the key thing to look at here, also things like links that say www.ebay.com that when hovered over reveal something totally different

another major issue is IDN characters in URLS, that will make the URL appear genuine, but infact it wont be, it can even be used with SSL certificates and flag no problems!

Firefox has gotten around this by disabling IDN charsets until it can sort it out more permenantly

Phising is a pretty big deal for the uninitiated, as they often fall for this, but the majority of it is pretty easy to pick up on for those with a few more braincells than average (especially with the quantity we get these days, its like they are trying to train us to avoid them!!)

Trips sums it up nicely though Rosy, thats what it is

 

Thanks guys! So not people who get drunk on a regular basis or anything then lol

 

Well...I wouldn't rule that out entirely.

 

I busted a guy for doing this from one of our domains at my last job - the sh1t he was putting up was damn convincing. Man, did I enjoy taking that domain down and alerting the police

 

Lucky you mate, I would love to do something like that, and nail one of those bas*^rds.

 

Just for illustration, this address has a (harmless) example of the IDN addresses.

http://www.shmoo.com/idn/