Three Major Tricks Of Phishing

Recently, news about fake online shopping websites cheating money has been exposed.

In September 7th, "Yutong Digital Plaza" (www.ytsm163.com) was reported to be punished for not receiving shipment after receiving the charge. In September 27th, the "easy access network" (www.ytsm163.com) was also informed by the Consumer Association for alleged fraud for the same reason, and so far the website is still operating normally.

As the National Day approaches, people who are busy for more than half a year want to take advantage of the seven day long vacation to relax.

Online shopping has become the preferred way of consumption for many senior netizens because of its advantages of staying at home and convenient and fast. It is foreseeable that the peak of online shopping is coming.

Then, how can we distinguish the authenticity of the website from the online shopping websites that are intermingled with good and bad?

According to He Gongdao, an anti virus expert of Jiang Min technology, this form of online fraud is also called "phishing". Such fraudsters are fraudulent means. If users are not careful, they will fall into the trap set by liars.

He said that like "www.ytsm163.com", this kind of "collecting money not to deliver" fraud is the most primary deception in phishing. Now more and more advanced phishing scams continue to appear, typical of the following three major deception.

This fake website is posing as a regular e-commerce website through some search engine's "bidding ranking" business, using some "competitive ranking" agents to publish lax identity lax loopholes, spending money in the prominent position of search engines, waiting for customers to get hooked.

Although there are no such cases of fake e-commerce websites being exposed on the Internet, the case of a fake "first release company" last year has been enough to arouse people's vigilance. If such a device is used by a swindler, it will be difficult for ordinary users to see through it.

For example, in December 2004, the anti virus research center of the Jiang people's center monitored that the website of a counterfeit securities company www.shoufan.com was ranked prominently in the form of competitive bidding through the form of competitive bidding. The website name is similar to the www.shoufang.com.cn website. Users click through the search engine to get infected with the "security thief" virus. The virus can steal user's securities trading numbers, thus manipulating the user's account for securities trading.

The difference between the domain name and the official website of such websites is very small. It may be just a letter difference.

For example, in July 19, 2004, Jiang Min anti virus center monitored that a newly emerged malicious website disguised as a Lenovo home page. Through malicious script programs, it used a variety of IE vulnerabilities to grow Trojan horses, and distributed "Lenovo Group and Tencent Inc jointly donated qq COINS" "false news" to induce more users to visit the website to cause infection.

To our surprise, the domain name of the malicious website seems to be no different from the official website of Lenovo.

False association website http://www.1enovo.com, and Lenovo's address is http://www.lenovo.com, which only has the difference between the letter L and the number 1, while the lowercase L and 1 are so similar that it is almost hard to distinguish from the naked eye.

Others are fake http://www.1cbc.com.cn, and the real ICBC website is http://www.icbc.com.cn, which is also the difference between a letter and a fake bank of China website.

This fake website takes advantage of the loopholes in the operating system and downloads some malicious code from the background after the user clicks. Then the fake website quickly jumps to the real web page. People who do not look at the address bar are not aware of any changes.

The fake legend website is a false message that is distributed by "Lenovo Group and Tencent Inc jointly giving qq COINS". When users visit the website, they jump to the real Lenovo website page in two seconds.

The experts said that in addition to using the above technical means to achieve the purpose of "phishing", the deceived person is also the main reason why the deceived person can succeed.

For example, a cheater claims to sell cars, digital cameras and other commodities at a super low price, falsely claim that the user has won the grand prize, or promises to give away some articles free of charge and send some "beauty" information, etc. These seductive information can often make some people lose their intelligence and eventually fall into the trap set by the swindlers.

The experts suggest that users should install some anti virus software with anti malicious web sites, vulnerability scanning and privacy protection functions, timely fix vulnerabilities and patches, open up virus real-time monitoring, and prevent such "phishing" from the technical level. For the ordinary users, they should fundamentally improve the awareness of network security, overcome the idea of coveted petty gain, increase vigilance, use caution search engines, and do not click on suspicious links provided by unknown web pages or mail, so as to ensure the safety of National Day online shopping.