Tuesday, August 31, 2010

Beware of Fishing (Phishing)!

Hey, guys! Today I am going to share a case of phishing with you. What is phishing? It is pronounced 'fishing' because it works much like fishing: when fishing, we provide bait, wait for the fish to bite, and finally pull the fish out of the water. In phishing, the steps are almost the same; only the method and the items differ. The bait is replaced by an email, SMS, MMS or even a phone call, and the fish are internet users, whether individuals or organizations.

The case of phishing I am going to share here is email phishing. A few days ago, I received an email claiming to be from HSBC bank; its content is shown in figure 1.
Figure 1: Phishing email

This email said that I had changed my personal information or submitted incorrect information when registering with HSBC bank. However, I was suspicious of this email, because I do not have any account at this bank and have never registered on its website. Therefore, I considered it a fraudulent email. Still, I was curious about the link suggested in the email, so I copied the link, pasted it into my browser's URL bar, and noticed that the link's protocol was HTTPS.

As I learned in my Technology and Information System class, HyperText Transfer Protocol Secure (HTTPS) is considered a secure channel for transferring personal information such as credit card numbers and identity details, rather than plain HyperText Transfer Protocol (HTTP). Most phishing emails give links that use HTTP rather than HTTPS. However, these bad guys used HTTPS to carry out their evil plan; the padlock only means the connection to the site is encrypted, not that the site belongs to the bank. After browsing to the link, I found that its interface is almost the same as the real HSBC bank web page. Below are the figures of the real and fake HSBC web pages.


Figure 2: Real HSBC web page

Figure 3: Fake HSBC web page

The fake HSBC web page looks similar to the real one, as we can see from figures 2 and 3. There is not much difference between the two pages: most of the functions found on the real HSBC web page can also be found on the fake one, and almost all of them work too. From this case, we can see that the hackers' phishing techniques are becoming more mature than before.

I will end my case here, because I did not take any further action beyond this point. Since I have shared my case, I will also share some tips to help you avoid becoming a victim of phishing.

Below are some tips for preventing phishing:
1. Do not simply click on links in emails from unknown or even known senders (especially spam mail), including banks, organizations or even your best friends.
2. If you really want to visit the link, copy it and paste it into your browser's URL bar.
3. You can also use a URL checker to check the link and see whether it is suspicious. One free online URL checker is McAfee TrustedSource.
4. Check whether the link is HTTP or HTTPS. HTTP is the channel most commonly used by hackers, whereas HTTPS is used far less often.
5. If you receive an instant message containing a link from your friends, do not click on it. Some links may carry viruses or annoying messages.
6. If you receive a call from an unknown number, do not simply give your information to the caller unless you have confirmed their identity.
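Tips 2 to 4 above amount to inspecting a link before trusting it. The following Python script is an added example, not code from the original post: it parses the URL, records the scheme, and compares the host against a list of the domains the reader actually banks with. `TRUSTED_BANK_DOMAINS` and the sample links are constructed assumptions for this example. It deliberately never lets HTTPS raise the verdict, which is the point made earlier in the post: an encrypted connection to the wrong site is still the wrong site.

```python
import ipaddress
from urllib.parse import urlsplit

# Constructed assumption: the domains the reader genuinely banks with.
# A real tool would take this from the user's own bookmarks or bank card.
TRUSTED_BANK_DOMAINS = ("hsbc.com", "hsbc.co.uk")


def is_ip_literal(host):
    """True if the host is a bare IPv4/IPv6 address instead of a name."""
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def hostname_under(host, domain):
    """True only if host equals domain or is a subdomain of it.

    Matching on '.' + domain keeps 'hsbc.com.other.example' and
    'nothsbc.com' from being accepted as the bank's own domain.
    """
    host = host.lower().rstrip(".")
    return host == domain or host.endswith("." + domain)


def inspect_link(url, trusted=TRUSTED_BANK_DOMAINS):
    """Classify a link found in an email. Returns (verdict, details)."""
    parts = urlsplit(url.strip())
    host = (parts.hostname or "").lower()
    brand_labels = {d.split(".")[0] for d in trusted}  # e.g. {'hsbc'}

    details = {
        "scheme": parts.scheme,
        "host": host,
        "uses_tls": parts.scheme == "https",
        "trusted_domain": any(hostname_under(host, d) for d in trusted),
        # The bank's name appears inside a hostname that is not the bank's.
        "brand_in_host": any(b in host for b in brand_labels),
        # Text before '@' is user info; browsers ignore it when choosing
        # the server, so a bank name there does not mean the bank's site.
        "has_userinfo": parts.username is not None,
        "ip_host": is_ip_literal(host),
    }

    if details["trusted_domain"] and not details["has_userinfo"]:
        verdict = "trusted-domain"
    elif details["brand_in_host"] or details["has_userinfo"] or details["ip_host"]:
        verdict = "lookalike"
    else:
        verdict = "unknown"
    # uses_tls is reported but intentionally never changes the verdict.
    return verdict, details


if __name__ == "__main__":
    # Constructed sample links of the kinds a phishing email might carry.
    SAMPLE_LINKS = [
        "https://www.hsbc.com/personal",
        "https://www.hsbc.com.secure-update.example/login",
        "https://hsbc.com@attacker.example/",
        "http://203.0.113.10/hsbc/",
        "https://secure-banking.example/",
    ]
    for link in SAMPLE_LINKS:
        verdict, info = inspect_link(link)
        tls = "HTTPS" if info["uses_tls"] else "HTTP"
        print(f"{verdict:15} {tls:5} host={info['host']}  {link}")
```

Running the script prints one line per sample link; note that the second link is both HTTPS and a lookalike, which is exactly the combination the post describes.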

My conclusion for this case is that a phishing email like this can look real and might threaten some internet users. Therefore, I hope you can learn from my case and avoid being threatened by phishing messages. OK, that's all for today. Thanks for reading.

*The above points of view are my personal thoughts, so they might not be 100% correct.

3 comments:

  1. I confirm that both websites are the same. But why would they send such an email to you without an HSBC account? erm... I think that's the problem. Maybe it is done by their internal staff.

    Because both addresses have the same ISP address, the conclusion is that both are real or both are fake. Unless the two links are slightly different in address.

    Just I think la~

  2. It's not ISP, it's domain name. They have the same root as each other. Like the https protocol just occurs when you login, e.g. Blogger and Facebook. You can try it. To extend the security purposes.

    Good article anyway. As for me, for things like bank accounts, I prefer to go to the counter rather than online. My online statement is just a notification, but it does not remind me to make corrections online. This is the latest approach to avoid fraud.

  3. sc teach me hack bank can ma? xD
