Pronounced "fishing“ The word has its Origin from two words “Password

Harvesting” or fishing for Passwords Phishing is an online form of pretexting, a kind of

deception in which an attacker pretends to be someone else in order to obtain sensitive information from the victim

Also known as "brand spoofing“ Phishers are phishing artists

Phishing is a way of fraudulently acquiring sensitive information using social engineering and technical subterfuge.

It tries to trick users with official-looking messages◦ Credit card ◦ Bank account◦ eBay◦ Paypal

Some phishing e-mails also contain malicious or unwantedsoftware that can track your activities or slow your computer

The purpose of a phishing message is to acquire sensitive information about a user. For doing so the message needs to deceive the intended recipient. ◦ So it doesn’t contains any useful information and hence

falls under the category of spam. A spam message tries to sell a product or service, whereas

phishing message needs to look like it is from a legitimate organization.

Techniques applied to spam message cant be applied naively to phishing messages.

1) Detect and block the phishing Web sites in time

2) Enhance the security of the web sites3) Block the phishing e-mails by various spam

filters4) Install online anti-phishing software in

user’s computers

i)Classification of the hyperlinks in the phishing e-mails

ii) Link guard algorithmIii)Link guard implemented clientIv) Feasibility study

DON’T CLICK THE LINK◦ Type the site name in your browser (such as

www.paypal.com) Never send sensitive account information

by e-mail◦ Account numbers, SSN, passwords

Never give any password out to anyone Verify any person who contacts you

(phone or email). ◦ If someone calls you on a sensitive topic, thank

them, hang up and call them back using a number that you know is correct, like from your credit card or statement.

Dear Valued Member,

According to our terms of services, you will have to confirm your e-mail by the following link, or your account will be suspended for security reasons.

http://www.uc.edu/confirm.php?account=d.mich.mal@uc.edu

After following the instructions in the sheet, your account will not be interrupted and will continue as normal.

Thanks for your attention to this request. We apologize for any inconvenience.

Sincerely, Uc Abuse Department

http://www.nbmd.cn/Confirmation_Sheet.pif

SOFTWARE REQUIREMENTS:

Operating System : Windows XP/2000 Language : Java (J2sdk1.6.0)Database : Oracle 10g

TECHNOLOGIES USED :• JSP•Servlets•Apache Tomcat 5.5

•Hard disk : 20 GB and above•RAM : 256 MB and above•Processor speed : 1.6 GHz and above