Phishing

Phishing is the practice of using email to trick unsuspecting individuals into revealing confidential information. Phishing typically involves an email claiming to be from a legitimate, familiar source. The email prompts the user to surrender private information that is then used illegally. The phish email directs the user to visit a fraudulent website that mimics the look of the legitimate source. Once on the site, the user is asked to update personal information (such as passwords, credit card, social security and bank account numbers).

With the increased use of e-commerce, phishing exploits are expected to increase sharply. Phishing attacks cause damage in two ways:

1. They have the potential to inflict severe monetary and data loss due to fraudulent use of the harvested information.
2. They undermine consumer confidence in online commerce.

A Lucrative Enterprise

The sheer volume of online financial transactions makes phishing a high-reward, yet low-cost and low-risk business for scammers. The fact that so many millions of people can be targeted makes it worthwhile, even with low hit rates. And prosecuting the perpetrators of phishing attacks has proven to be difficult.

Information stolen from phishing victims is used in various ways by criminals, the most common being:

• Victims' credentials may be used for unauthorized transactions
• Legitimate users may be denied access to their own assets
• Attackers can sell users' personal information for criminal purposes

M86 Security delivers enterprise-class gateway protection against phishing. Our email security solutions stop most phish email before users ever see it and our Web security solutions block user attempts to visit phish websites.