Portal field news

Portal field news

in ,

🎁 | Order online, do not receive the product, and identify fraudulent websites [Tell me!Counselor]


Photo online shopping is very convenient, but there are various problems.

Points to identify fraudulent websites when ordering online and not receiving the product [Tell me!Counselor]

 
If you write the contents roughly
The points to identify fraudulent sites are as follows.
 

Online shopping is very convenient because you can order products from home, but there are various troubles ... → Continue reading

 Fukui newspaper


Wikipedia related words

If there is no explanation, there is no corresponding item on Wikipedia.

Phishing

Fishing(British: Phishing) IsインターネットThis is done to steal financially valuable information (eg username, password, credit card information) from your users.scamIt is an act.Typically, impersonating a trusted subject anywayEmailThis is done by directing to a fake web server.

As various services are provided on the Internet, the tendency of increase and sophistication is remarkable year by year.

Etymology

There are various theories about the etymology. "fishing"(Fishing) hacker-like slang (LeetIt is an intentional ombetsu notation called paraphrase), but f is changed to ph.(English edition"In Europe and the United States, it is considered to be an analogy from (, a fraudulent act that intentionally causes the telephone network to malfunction by voice). However, in the media in Japan,"sophisticated"The mainstream view is that it is a compound word with (sophisticated). In addition,"password harvesting fishingThere is also a theory that it is an abbreviation for ".

Background and current situation

Phishing is mainlyAmericaDamage has increased sharply, especially in Japan, and for example, some victims have transferred $ 10 to phishing sites.The United KingdomAccording to a survey by Message Lab, Inc., the number of discoveries was about 2003 per month in September 9, but increased to about 280 per month in March 2004.spamIt is becoming more prominent as a new form of.In December 2004, the National Police Agency revealed that the damage caused by phishing was confirmed for the first time in Japan. [1].

As an example in Japan, in November 2005Chiba BankThere was an incident in which a CD-ROM was mailed to each company, and when the CD-ROM was inserted into a personal computer, the phishing site was connected without permission and the money was deceived.In October 2012, when the online banking service of each major domestic bank was opened, resident malware popped up a fake login screen and asked to enter a PIN, etc., causing damage caused by illegal withdrawal of deposits. [2].

in recent yearsYahoo!Etc.Portal siteAtInternet auctionMembers andWalletDue to the fact that various services such as these are integrated into one ID and password, indiscriminate emails and fake sites that are considered to be phishing for the purpose of taking over these accounts are also available in Japan. It has been reported.In this case, if the account is hijacked, a false auction listing will be put up under your own name, used to deceive the listing from a legitimate seller, or secondarily responsible for auction fraud. There is a risk of falling into a situation where it is done.

Also, recently, there are many sites called visitor surveys on Chrome.

Outline of the technique

This act isMaliciousThird party is a membership systemWebsiteAnd famousCompanyPretending to be "userAccountExpiration date is approaching"Or"Please re-enter your registration details to move to a new service.To a fake website disguised as a real websiteURL linkSend an e-mail withCredit cardMembership numberpersonal informationAndBank deposit accountThe purpose is to obtain IDs and passwords for various services including.Also,DNSBy rewriting etc., I am directed to a fake website even though I have entered the correct URLFarmingThere is also a similar method.There is also a method of sending a fake SMS disguised as a courier's absence notification to download a malicious application.As a resultFictitious billing fraud,Withdrawal of deposit-There are also conspicuous cases in which people are used for impersonation and become multiple victims or indirectly perpetrators.

Types

Metaphorical terminology is used depending on the form of fraud.

Phishing that targets specific individuals or groupsSpearfishing Called (spear phishing) [3]..Among them, those that target executives in the businessWhaling Sometimes called (whaling) [4].

Legitimate previously sentEmailWhat is done usingClone fishing Sometimes called (clone phishing) [5].

Link work

In phishing, links pointing to fake web pages are described in URLs in emails, but most URLs are spelled very similar to real web pages or URLs that include the same description as the real domain in their subdomains. Is.

Real website openredirectCan be abused and crafted [6].

Website imitation

Not only the text and images of real Web pages, but also the address bar is imitated.In that caseJavaScript,Flash, Or an image is used.

There is a concern that an attacker could exploit a vulnerability in a real website that the user trusts. Cross-site scriptingAn attack called, causes the real website and the imitation site to work together, making it function as if it were real. [7].

(I.e.

Social measures

The Council of Anti-Phishing was established in 2005.

The police have a cybercrime consultation desk, as well as an IPA information security security consultation desk.

Technical countermeasures

The following methods are recommended as measures to prevent the damage caused by this fraudulent act.

Confirmation of authenticity before entering personal information
If you're prompted to enter your credit card number, PIN, password, or other personal information, tell us if the site you're currently visiting is fake or genuine.Domain namePlease check again.
Confirm that the URL is genuine
Incidentally,Web browser OfSecurity holeIt is displayed in the domain name etc.URLIs sometimes disguised, so it is not enough to check only in the address field.Is displayedWeb pageIt is more effective to check the properties of.It is also necessary to update the web browser used to improve the security hole of the web browser (however, there are some security holes that can be disguised even when displaying properties).
Recently, both official sites and fake sites are very confusing because subdomains and domain names continue for a long time, so there are cases where it is not possible to make an immediate judgment at a glance. ..As a preventive measure against this, it is effective to follow the link from the top page of the legitimate site.
We are usingWeb browser,Antivirus softwareIf there is a countermeasure function in, enable it
Most web browsers have anti-phishing features.
Internet Explorer 7.0 or later[8]
Google Chrome[9]
Mozilla Firefox 2.0 or later[10]
Opera 9.10 or later[11]
Safari 3.2 or later[12]
Understand how the security of the service you are trying to use works
Understand the security mechanism of the service you are about to use.The internet is basicallySex good theoryIt is a mechanism designed based on.About the web TLS Mechanisms for ensuring security such as these have become common, but these technologies are technologies that have been expanded later, and when combined with existing mechanisms that do not consider security, security cannot be guaranteed very easily.If there is a place where security cannot be confirmed in any part, there is room for fraud and there is a possibility that it is disguised.You should understand that before using it.The confirmation methods listed below are just some of the most common ones.Also recently SSL New phishing sites that have acquired the security of are also appearing, making it difficult to spot.
Email headerConfirm sender information at
It is technically relatively easy to spoof the sender information in the header of an email, and it is dangerous to rely on this alone (Path: There are things that are difficult to spoof, such as the IP address of the header). ..
Don't easily click the link in the email
Depending on the link, the email address may be specified when you click it.If necessary, use the address field or bookmarks of your browser to access the relevant site yourself.After that, judge whether there is a notification with the same content as the email on the relevant site.

Also, depending on the site, there are places that clearly state that "we will not deliver such emails" or disclose countermeasures, so the attitude of the site,SecurityFocusing on countermeasures is also one of the preventive measures.

Check the behavior of the site
Since the purpose of phishing sites is to collect IDs and passwords, it is often possible to log in even if you intentionally enter incorrect information.If you make it a habit to make mistakes the first time, you are more likely to spot a phishing site.

If you unfortunately give out your ID, password, etc. for a suspected phishing item,TelYou should consult with the service provider by e-mail (the sooner the better, so telephone is preferable), and take measures such as stopping the service and changing the password.When a credit company or bank confirms information, it is done in writing and not on the web.

Future dangers from a technical point of view

But in recent years, it seems that vulnerabilities have been left unattended.DNS serverBy modifying its behavior to return a fake IP address for a genuine host name, it follows a valid link to the original site (ie, the browser's).Address barToThe correct address is displayed) Nevertheless, you are directed to an unexpected site set up by the attackerFarmingHas been pointed out.As an attack of the same principle, it has spread rapidly in recent years.無線 LAN OfHot spotIn the meantime, it is possible to set up a trap access point that is set to connect to a fake DNS server.

Also, as a technical possibilityrouterThecrackAnd on the internetroutingBe doneIPpacketThere is also the potential for abuse to arbitrarily control and its application to phishing.

さ ら に,MalwareSome of them are communication control in the personal computer (Routing table,nameresolverAPIEtc., or justhosts(File) is hijacked or rewritten to open a site different from the linked destinationTrojan horseHas also been discovered, and it has been confirmed that it actually responds only to operations on a specific bank site and leads to a predetermined phishing site.It also rewrites the hosts file to refer to a fake DNS server and try to direct you to a fake site.wormHas been confirmed to exist, soComputer virusIt is necessary to be vigilant against these phishing, including countermeasures.

footnote

[How to use footnotes]

Source

  1. ^ “Phishing scams caught for the first time in Japan”. ITmedia Enterprise. (February 2006, 2). http://www.itmedia.co.jp/enterprise/articles/0602/07/news073.html NovemberBrowse. 
  2. ^ "Unauthorized remittance case of online banking, clever technique by" fake pop-up ""Nikkei Trendy Net. (November 2012, 11). http://trendy.nikkeibp.co.jp/article/pickup/20121116/1045603/?rt=nocnt NovemberBrowse. 
  3. ^ “Spear phishing”. TechTarget. (March 2014). http://searchsecurity.techtarget.com/definition/spear-phishing NovemberBrowse. 
  4. ^ “Whaling”. TechTarget. (March 2014). http://searchsecurity.techtarget.com/definition/whaling NovemberBrowse. 
  5. ^ “Phishing and Social Engineering Techniques”.INFOSEC INSTITUTE. http://resources.infosecinstitute.com/phishing-and-social-engineering-techniques/ NovemberBrowse. 
  6. ^ “Cybercrooks lurk in shadows of big-name websites”. The Register. (December 2007, 12). http://www.theregister.co.uk/2007/12/12/phishing_redirection/ NovemberBrowse. 
  7. ^ “A new method for phishing scams, redirecting from a real SSL site to a fake site”. ITpro. (June 2006, 6). http://itpro.nikkeibp.co.jp/article/NEWS/20060619/241207/?ST=security NovemberBrowse. 
  8. ^ “SmartScreen Filter Function: FAQ”. Microsoft. http://windows.microsoft.com/ja-jp/internet-explorer/use-smartscreen-filter NovemberBrowse. 
  9. ^ “Alerts about phishing and malicious software”.Google Chrome Help. https://support.google.com/chrome/answer/99020?hl=ja NovemberBrowse. 
  10. ^ “Operation of protection from spoofed sites and malware”. mozilla support. https://support.mozilla.org/ja/kb/how-does-phishing-and-malware-protection-work NovemberBrowse. 
  11. ^ “Opera's Fraud and Malware Protection”.Opera browser. http://www.opera.com/help/tutorials/security/fraud/ NovemberBrowse. 
  12. ^ “Safari 8 (Yosemite): Identifies encrypted websites and avoids fraudulent websites”.Apple. https://support.apple.com/kb/PH19218?viewlocale=ja_JP&locale=ja_JP NovemberBrowse. 

Related item

外部 リンク


 

Back to Top
Close