Search engine phisher refer to using powerful search engine to locate high-value targets or to search for valuable information. Phishers always try to create web pages for fake products, get the pages indexed by search engines, and wait for unsuspecting customers to enter their confidential information as part of an order, sign-up, or balance transfer. Such pages usually offer product or services at a price slightly too good to be true.
Phisher is a clever and dishonest plan for making money involving fraudulent banks have been particularly successful. A scam creates a page advertising an interest rate slightly higher than any real bank. For example, victims find the site of searching for products or services and use these sites to save or make from interest charges to transfer existing accounts; they are fooled into giving up their information to search engine phishing. Some victims even provided their bank account numbers to “Flintstone National Bank,” of “Bedrock, Colorado” of fraudulent banks.
The best way to prevent search engine phishing is should be very careful to notice any signs of danger when dealing with something because you think that there may be a problem site that has offers that seem just too good to be true.
Google is known to have the cleanest design, fastest search results, and its unique Page Rank technology used by Internet users today. Google hacking involves using the Google search engine to locate specific strings of text within search engine. A web browser names as Mozilla Firefox plug-in website detections by leveraging the Google search engine. According to the Electrical and Computer Engineering Department, University of Toronto that search result of the unique keywords are then used to compare with the website that the users are currently visiting and to determine whether the website is a phishing website. Since most phishing sites are short-lived; they would have much less visitors compared to the legitimate sites they imitate. So it can be derived that the suspicious web site is unlikely to be the one that the users are expecting they are visiting when there is a mismatch in the domain result of the websites in the top search results and the suspicious web site.
References1. Jessica Hunter, Search Engine Phishing-What you need to known, [Online], Retrieved on 16 February 2011.
URL: http://www.identitytheftfixes.com/search_engine_phishing_--_what_you_need_to_know.html
2. Robert Ma, Phishing Attack Detection by Using a Reputable Search Engine, [Online], Electrical and Computer Engineering Department, University of Toronto, Retrieved on 17 February 2011.
URL: http://www.eecg.toronto.edu/~lie/Courses/ECE1776-2006/Projects/Phishing2a-proposal.pdf
No comments:
Post a Comment