Secrets of phishing attacks

Three reputable U.S. security experts have conducted a study that seeks to explain why phishers who threaten our data are so successful these days.

Phishing attacks are usually targeted by spoofed websites or emails. Attackers are mostly trying to take advantage of users ’credibility and are putting more and more risk through their increasingly tricky solutions. Phishers primarily seek to obtain confidential data. For example, they seek access to confidential banking information, passwords, and other personal information.

Rachna Dhamija, Harvard and Marti Hearst and JD Tyga of the University of Berkeley decided to look at the factors that contribute to the rapid spread of phishing. The researchers conducted a study that found that phishers gain access to confidential data primarily through the credibility of users. The research found that 90 percent of users can’t tell the difference between original and fake emails in most cases.

When preparing the study, the researchers also conducted an experiment in which they tried to falsify the website of Bank Of the West. All they did was register a domain name ww.bankofthevvest.com (with two "v" characters instead of "w"), put some images on the website, display a VeriSign logo, and provide a security warning in a pop-up window. After that, they found that 91 percent of the users who visited it blindly trusted the fake page. All this means that phishers do not have a hard time when they want to get access to different data. The researchers ask everyone to take a closer look at the URL addresses and monitor the messages and icons that appear in the browser's status bar.