Saturday, May 3, 2008

Learn more about Phishing

In my previous educational posts, you learnt how to spoof a Yahoo user and stay safe by not getting Phished. You also learnt What is email spoofing and how you can protect your online identity.

However, unfortunately, phishing techniques dont just end here. There are numerous way which can lead you to give away your security details. The latest technique being used by the Phishers is installation of trojan-spy applications which then in turn send the data back to the Phishers.

Last week, this below attached email snapshot ( click on the image for enlarged view) was making rounds in the internet. The email pretends to have come from Comerica Bank and interestingly doesn’t ask for Banking Id and passwords, rather, tries convincing the recipient about the need of installing digital certificates for “enhanced security“.

Upon continuing by clicking on the link mentioned in the mail, a new window is popped up which has all the relevant jargons is nothing but a bait for the potential victim. If the victim falls for this, a trojan-spy in the name of the “certificate” is installed onto his/her pc.

Clever tactic and now the phishers don’t need to ask for passwords anymore, they can just take them.

This technique keeps the classic element of phishing by mimicking the trusted institution — the bank. What they’ve adjusted is the part that people have become skeptical of, which is giving away their password when requested by e-mail.

Below is a Youtube video of the entire process. For those of you reading on reader, please follow this link.

Via: F-Secure

Follow the safe steps to a healthy PC and Stay Safe on the net.

Also read: [How-To]Bypassing Passwords in Windows

[How-To] Recover lost wireless network key using WirelessKeyView

Bluetooth hacking: Essential tools.

You can also follow me on Twitter at

Do stay tuned to Technofriends for more, one of the best ways of doing so is by subscribing to our feeds. You can subscribe to Technofriends feed by clicking here.