A form of identity theft whereby a scammer uses an
authentic-looking email that appears to come from a
large corporation to trick email receivers into disclosing sensitive
personal information online, such as credit card numbers or bank account codes.
According to a 2004 report released by Gartner, Inc., an IT
marketing research firm, phishing exploits
cost banks and credit card companies an estimated $1.2 billion in 2003.
Moreover, according to the Anti-Phishing Working Group (a nonprofit group of
government agencies and corporations trying to reduce cyber fraud), more than 2,800 active phishing
sites were known to exist.
In April 2005, a new cousin of phishing was defined and
called WiPhishing (pronounced "why phishing"): an act executed when an
individual covertly sets up a wireless-enabled laptop computer or access point
to get other wireless-enabled laptop computers to associate with it before
launching a crack attack. About 20% of wireless access points use default
SSIDs. Because users failed to rename them, a cracker can quite easily guess
the name of a network that target computers are normally configured to join, thereby
gaining access to the laptop computer and putting malicious code into it.
Intrusion detection appliances such as AirPatrol Enterprise have been designed
to detect wireless exploits.
Firms having wired networks are at risk of being cracked if
employees' laptop computers are left on. Instead of exploiting wireless
networks with WiPhishing, crackers could do even more damage by hijacking the
legitimate connection to a wired computer network, exploiting the soft
underbelly of that network, and launching an invasive attack.
See Also:
Cracking; Exploit; Electronic Mail or Email; Fraud; Identity Theft or
Masquerading.
Also known as brand spoofing and carding. A popular Internet e-mail scam that involves unsolicited e-mail (i.e., spam) contact in which the scam artist attempts to gain valuable information from the target by gaining that person's confidence through various social engineering techniques and technical subterfuge. The term phishing was coined in the 1996 timeframe by crackers (malicious computer hackers) to describe the process of fishing for suckers by using some sort of lure or bait. (Hackers commonly replace f with ph, phor reasons that are entirely unphathomable to the rest of us.) Phishing commonly involves phony e-mails from banks, credit card companies, e-tailers, insurance companies, mortgage brokers, or other financial institutions warning that your account has been subjected to fraud or perhaps that your credit card is due to expire, and that you must confirm certain information such as an account number and password, or perhaps your social security number. The mail includes a hyperlink to a phony website that quite closely matches the legitimate website. If the scam is successful, the unsuspecting target clicks on the link and divulges information necessary for the scam artist to perhaps wipe out a bank account, max out a credit card, or even steal a person's identity, incur extraordinary debts in his name, and generally ruin his credit. See also e-mail, hyperlink, Internet, pharming, pretexting, scam, social engineering, and spam.