HOW IS PHISHING POSSIBLE? - LINK MANIPULATION - TopicsExpress



          

Most methods of phishing use some form of technical deception designed to make a link in an email (and the spoofed website it leads to) appear to belong to the spoofed organization. Misspelled URLs or the use of subdomains are common tricks used by phishers. In the following example URL, yourbank.example/, it appears as though the URL will take you to the example section of the yourbank website; actually this URL points to the yourbank (i.e. phishing) section of the example website.

Another common trick is to make the displayed text for a link (the text between the <a> tags) suggest a reliable destination, when the link actually goes to the phisher's site. The following example link, //en.wikipedia.org/wiki/Genuine, appears to direct the user to an article entitled Genuine; clicking on it will in fact take the user to the article entitled Deception. In the lower left-hand corner of most browsers, users can preview and verify where the link is going to take them. Hovering your cursor over the link for a couple of seconds may do a similar thing, but this can still be set by the phisher through the HTML tooltip tag.

A further problem with URLs has been found in the handling of internationalized domain names (IDN) in web browsers, which might allow visually identical web addresses to lead to different, possibly malicious, websites. Despite the publicity surrounding the flaw, known as IDN spoofing or a homograph attack, phishers have taken advantage of a similar risk, using open URL redirectors on the websites of trusted organizations to disguise malicious URLs with a trusted domain. Even digital certificates do not solve this problem, because it is quite possible for a phisher to purchase a valid certificate and subsequently change content to spoof a genuine website.
Posted on: Mon, 14 Jul 2014 14:16:00 +0000
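
The checks a mail filter or analyst can apply to the tricks described above, as an added example that is not part of the original post: it compares the host named in each link's visible text and tooltip with the host the href really points to (a shown host passes only if it is the real host or its parent domain), and flags punycode hosts and redirect-style parameters. The function names, the regular expression and the sample links are assumptions made for this illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit, parse_qsl
import re

HOST_RE = re.compile(r"[a-z0-9-]+(?:\.[a-z0-9-]+)*\.[a-z]{2,}", re.I)
def norm(host):
    return host.lower().removeprefix("www.")

class LinkCollector(HTMLParser):  # gathers [href, title, visible text] per <a>
    def __init__(self):
        super().__init__()
        self.links, self._cur = [], None
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            a = dict(attrs)
            self._cur = [a.get("href") or "", a.get("title") or "", ""]
    def handle_data(self, data):
        if self._cur is not None:
            self._cur[2] += data
    def handle_endtag(self, tag):
        if tag == "a" and self._cur is not None:
            self.links.append(tuple(self._cur))
            self._cur = None

def audit(html):
    parser = LinkCollector()
    parser.feed(html)
    findings = []
    for href, title, text in parser.links:
        real, reasons = norm(urlsplit(href).hostname or ""), []
        for where, shown in (("text", text), ("title", title)):
            m = HOST_RE.search(shown)
            host = norm(m.group()) if m else ""  # host named in text or tooltip
            if host and real and real != host and not real.endswith("." + host):
                reasons.append(f"{where} shows {host}")
        if any(label.startswith("xn--") for label in real.split(".")):
            reasons.append("punycode (IDN) host")
        for key, value in parse_qsl(urlsplit(href).query):  # redirector parameters
            target = urlsplit(value).hostname
            if target and norm(target) != real:
                reasons.append(f"parameter {key} redirects to {target}")
        if reasons:
            findings.append((real, reasons))
    return findings

SAMPLE = (  # constructed links; every host is a placeholder
    '<a href="http://login.phish.test/" title="https://www.yourbank.example/">www.yourbank.example</a>'
    '<a href="https://www.yourbank.example/out?url=https://phish.test/x">Statement</a>'
    '<a href="https://xn--e1afmkfd.example/">Sign in</a>'
    '<a href="https://www.yourbank.example/help">yourbank.example</a>')
```

Calling `audit(SAMPLE)` reports the first three links and passes the fourth, whose visible text matches its real destination.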
