Phishing

In computer, phishing is an attempt to criminally and fraudulently acquire sensitive information, such as usernames, passwords and credit card details, by masquerading as a trustworthy entity in an electronic communication.

Phishing technique was described in detail as early as 1987, in a paper and presentation delivered to the international HP Users Group, Interex. The first recorded mention of the term “phishing” is on the alt. online-service.

Phishing is typically carried out by e-mail or instant messaging, and often directs users to enter details at a website, although phone contact has also been used. Phishing ia an example of social engineering techniques used to fool users. Attempts to deal with growing number of reports phishing incidents include legislation, user training, public awareness, and technical measures.

An example of a phishing e-mail targeted at PayPal users. In an example PayPal phish (right), spelling mistake in e-mail and the presence of an IP address in the link (visible in the tooltip under the yellow box) are both clues that this is a phishing attempt. Another giveaway is the lack of a personal greeting, although the presence of personal details would not be a guarantee of legitimacy. Other signs that the message is a fraud are misspellings of simple words and the threat of consequences such as account suspension if the recipient fails to comply with the message’s requests.

Social responses – one strategy for combating phishing is to train people to recognize phishing attempts, and to deal with them. Education can be promising; especially where training provides directs feedback. One newer phishing tactic, which uses phishing e-mails targeted at a specific company, known as spear phishing, has been harnessed to train individuals at various locations.

Technical responses – anti-phishing measures have been implemented as features embedded in browsers, as extensions or toolbars for browsers, and as part of website login procedures. There are some of the main approaches to the problems, such as helping to identify legitimate sites, browsers alerting users to fraudulent websites, augmenting password logins and eliminating phishing mail.

Monitoring and takedown – several companies offer banks and other organizations likely to suffer from phishing scams round-the-clock services to monitor, analyze an assist in shutting down phishing websites.

The Application of 3rd party certification programme in Malaysia

Users won't transact business at a website unless they are certain it is secure. They need to ensure that your business is real and that their communications with you are private. VeriSign's solution is to issue SSL Certificate. SSL Certificate, also known as digital certificates, which is issued by a trusted third party called Certification Authority (CA),becomes the "passport" or the digital document that verify the security and authenticity of the interaction.

The SSL certificate is installed on a web server to identify the business using it to encrypt sensitive data such as credit card information. SSL Certificates give a website the ability to communicate securely with its web customers. Without a certificate, any information sent from a user’s computer to a website can be intercepted and viewed by hackers.

How SSL Certificate interaction with the Browser and the Server?

1. Browser checks the certificate to make sure that the site you are connecting to is the real site.
2. Determine encryption types that the browser and web site server can both use to understand each other.
3. Browser and Server send each other unique codes to use when scrambling or encrypting the information that will be sent.
4. The browser and server start talking using the encryption, the web browser shows the encrypting icon, and web pages are processed secured.

SSL certificates provide strong data encryption as well as reliable authentication of the site and the company with which a client is communicating. VeriSign looks to continued participation from its customers, technology partners to guide future development of products and services that allow internet user to use the internet as a secure medium for high-value online business, communications confidently.

How to safeguard our personal and financial data?

The e-commerce and e-business scene in Malaysia and around the Asian region is beginning to blossom. E-commerce technology coming to the market and the growing number of Internet users buying through the net stimulate the opportunity to expand the marketplace by deploying a cost effective and efficient solution. But one of the impediments of e-commerce success is the threat of online security. The best practices to help to safeguard your personal and financial data are:

Never reply to e-mail messages that request your personal information
Be very suspicious of any e-mail message from a business or person that asks for your personal information — or one that sends you personal information and asks you to update or confirm it. Similarly, never volunteer any personal information to someone who places an unsolicited call to you.

Password
If your account allows them, strong passwords combine uppercase and lowercase letters, numbers, and symbols, which make them difficult for other people to guess. Don't use real words. Use a different password for each of your accounts and change them frequently. It's hard to remember all those passwords.

Make sure the Web site uses encryption
The Web address should be preceded by https:// instead of the usual http:// in the browser's Address bar. Also, double-click the lock icon on your browser's status bar to display the digital certificate for the site. The name that follows Issued to in the certificate should match the site that you think you're on. If you suspect that a Web site is not what it should be, leave the site immediately. Don't follow any of the instructions it presents.

Can the Spam

Be very leery of "spam" (or junk email) that works its way into your email inbox. Not only are these messages often from phishers, but they can also contain Trojan horses (viruses) that can get into your computer and send your information back to their unsavory creators. Install spam-filtering software to keep your data safe.

Set Banking Alerts

Many financial institutions are beginning to offer email and SMS alerts when your accounts reach certain conditions (being near overdraft, or having transactions over $1,000, for example). Setting alerts for your accounts can ensure that you find out about unauthorized access as soon as possible.

eBay, a successful marketplace

eBay is an electronic storefront which allows the process of buying, selling or exchanging products, services and information via computer networks. It has revolutionized consumer-to-consumer business. eBay was founded in 1995, connects hundreds of millions of people around the world every day. It empowering us to explore new opportunities and innovate together.

eBay provides the internet platforms of choice for global commerce, payments and communications. People seek fulfillment through it in their day-to-day activities. It continue to expand economic opportunity by fostering an emotionally satisfying experience for people around the world to explore, learn, shop share and talk with each other, we are also aspiring toward a more emotionally satisfying experience as human beings.

eBay’s original vision was to create the world’s first global economic democracy. We saw a “people market” in which anyone in the world could sell or buy just about anything for a fair price. And today on the eBay marketplace, trust, honesty and efficiency are rewarded more than size or status. More and more of our daily lives activities are conducted online. The internet continually enhances its ability to connect with the world around us.

eBay will continue to innovate and integrate the technologies and policies that make these day-to-day activities even more trusted, fair and efficient than they are today. Hundreds of millions of people who use eBay today are already experiencing this new way to connect. eBay will make it so easy and rewarding to engage in Social Commerce that believe hundreds of millions more will participate. And this next generation will bring with them new products, ideas and opportunities for everyone.