IJRCS – Volume 1 Issue 2 Paper 1


Author’s Name: Lekhaa T R

Volume 01 Issue 02  Year 2014  ISSN No:  2349-3828  Page no: 1-4


Abstract – In computer security, phishing is the illegal process of attempting to access information such as usernames, passwords, bank account numbers and credit card details. A phishing message is a fraudulent e-mail that attempts to get you to divulge personal data that can then be used for illegitimate purposes. Phishing presents direct risks through the use of stolen credentials, and indirect risk to institutions that conduct business online through erosion of customer confidence. Phishers use a wide variety of techniques such as link manipulation, website forgery and phone phishing. A complete phishing attack involves three roles of phishers. Firstly, mailers send out a large number of fraudulent emails (usually through botnets), which direct users to fraudulent websites. Secondly, collectors set up fraudulent websites (usually hosted on compromised machines), which actively prompt users to provide confidential information. Finally, cashers use the confidential information to achieve a pay-out. The most common targets of phishing distribute security programs to protect their customers. These programs can protect customers in one or more ways: encrypt confidential information in memory and in the network, block or remove known malware, verify the certificate of the financial institution being protected, and make use of hardware tokens or smart cards.

Keywords – Phishing, Security, Hacking