Technological innovations and the widespread use of Internet have created a marketplace for businesses and consumers to interact innovatively and have made way for easier communications in a globalized business environment.  Nevertheless, it is known that from the time, the computing world became a part of many organizations; computer viruses, Trojans and the like have always accompanied them too.The emergence and growth of phishing attacks in the recent years only goes to prove that technological developments has also opened new avenues for the criminals and the unscrupulous to plan their attacks. Studies and recent reports by anti-phishing groups have shown an alarming increase in the number of phishing attacks.  Phishing, a kind of social engineering attack, is an attempt by the criminals to acquire sensitive information via the electronic communication mode. The criminals use spoofed emails to trick unsuspecting public to share information related to usernames, passwords and credit cards details. Irrespective of the firewalls and encryption software certificates or authentication mechanisms installed, phishing attacks cleverly dodges the security systems and have evolved to attack high-profile targets with an aim to steal intellectual property, corporate secrets as well as information related to nation’s security.  Developers thus should work out effective anti-phishing tools as a countermeasure for such attacks.The criminals today use a number of phishing techniques to extract information from the electronic media. These vary from phishing, which is used to acquire passwords and credit card details to a more targeted version such as spear phishing, to cloning of emails called clone phishing to whaling which is aimed at high profile targets. However, these techniques use methods for filter evasion and technical deception of email or link by developing spoofed websites and emails, thus making it difficult to be accessed by any anti-phishing software.   IT giants have worked out a number of protective mechanisms to safeguard the organization and individuals from phishing attacks. However, the attacks like the spear phishing attacks are so refined, that they not only difficult to identify and avoid. These sophisticated attacks being targeted at the unsuspecting users provide attackers access to sensitive personal data, sales forecast, trade secrets and business plans. Such action poses a negative effect on the business as a whole causing significant financial losses, losses in shareholder value and customer loyalty. In other words phishing attacks are detrimental to the brand name and reputation.How effective the anti-phishing tools may be, the crux of the problem lies in the individual/employee being the loophole for the attackers. Organizations thus need anti-phishing tools that not only work on the security of the process and technology, but would also help organizations protect their employees from being victims to phishing attacks.

View the original article here


Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.