see also witiger.com/ecommerce/SocialEngineering.htm
This page is for the convenience
of students in Prof. Tim Richardson's e-commerce classes.
It contains a collection
of info and links regarding all the marketing issues relevant to domain
names.
This
page last updated 2011 Nov 14
.
This web page has audio clips - just click on the icon (like the one to the left) and you can hear Prof. Richardson's voice adding additional information to topics on the page. | turn on your speakers to hear audio clips |
Domain Names | ||
marketing issues | witiger.com/ecommerce/domainnamesmktg.htm | |
registration isses | witiger.com/ecommerce/domainnamesregister.htm | |
scams and problems | witiger.com/ecommerce/domainnamesscams.htm | |
scams, phishing | witiger.com/ecommerce/domainnamephishing.htm | |
domain name hacking | witiger.com/ecommerce/hackingexample.htm | |
domain disputes | witiger.com/ecommerce/domainnamedisputes.htm | |
Verisgn problems | witiger.com/ecommerce/domainnamephishing-verisign.htm |
. | This page
used in the following courses taught by Prof. Richardson
.
This page deals with o
Re-directs to fake sites, phisher
sites
see also Tina Dang's interactice
PDF
|
Phishing
an introduction |
Ontario's
Consumer and Business Services Minister Jim Watson provided an information
session on Internet scams Wednesday [2004 Nov 17th] at Queen's Park as
part of the provincial government's Consumer Awareness Week.
"Internet criminals have become more sophisticated in recent years by setting up dummy Web sites that look similar to those of major banks, trusted sites like eBay, or even government Web sites. Users are encouraged via e-mail to enter personal and financial information into these sites. The practice, known as phishing, has resulted in monetary theft and in worse cases, identity theft." "Your information goes straight into the hands of crooks," As part of its awareness program this week, [2004 Nov 17th] the Ontario government offered a five-point guideline for safe Internet use: o
Clear your cache at the end of every session
|
YES THIS PAGE IS USEFUL
Nov 2011 - former UTSC student
(MGTD06
in 2008) Hasan Shahzad stopped by to talk about his work in Mutual Funds
at Royal Bank and mentioned that frequently he references material from
this page in order to educate clients as to some risk and threat situations
they should be careful about regarding identity theft and hacking.
Thanks Hasan for mentioning
this.
|
published
by Scott Adams in 2005
Phishing
an introduction |
What is Phishing
and Pharming?
According to the sitehttp://antiphishing.org/
(found by MRK410 student Sheri C.)
witiger translation !! Phishing attacks use trickery, like pretending to be a legit website, and technical sneaky things, to steal your personal info.
|
Why Phishing is so dangerous !!! | -
the cops can't help you
"This is certainly a new crime," said Det. Supt. Rick Kotwa [2005] who heads up the anti-rackets investigation bureau for the Ontario Provincial Police. "We don't have a lot of resources designated towards it." |
Deadline pressure Festa says " Scam artists are taking advantage of eBay's deadline-heavy pace in their schemes, knowing that an eBay user facing a ticking clock is less likely to think twice before handing over a username and password. "One person was out of town and panicked when he got home and saw e-mail saying his auctions wouldn't be kept live unless he made these changes," ... "So he went in and gave them all this personal information. If they catch you at the right time, you can be fooled." |
Phishing
growing in
|
is the title of a story carried October 22, 2004, Vol. 30 No. 15 in Computing Canada "The "attackers," are sophisticated and make their Web sites look almost identical to the legitimate sites, as they seek users secure banking or personal information through solicitation by e-mail. Unsuspecting users, for whatever reasons, are lured into giving up secure information and soon might be robbed, because they trust the sites." permission to quote from Computing Canada, Computer Dealer News and itbusiness.ca for this article, and all other articles in witiger.com comes from Joe Tersigni, Publisher, IT Business Group, www.plesman.com, May 2005. Copy of email kept on file in the permissions binder. |
Phishing
through
|
|
Scams phishing eBay
& PayPal
phishing |
"Hackers tricked several online merchants who use EBay's PayPal payment processing system into disclosing their user names and passwords, then logged onto the merchants' accounts to download lists of customer names, e-mail addresses, home addresses and transactions, said spokeswoman Amanda Pires. EBay fears that the information will be used to trick customers into giving up their credit card information in an e-mail scam known as phishing or spoofing. This is how such scams work: E-mail users receive messages purportedly from PayPal or other businesses saying that they need to verify their credit card number, Social Security number or other information. Often the e-mail links to a Web site designed to look like a legitimate business, but which really belongs to the perpetrator of the fraud. If the victim enters the requested information on the Web site, he or she may become the victim of identity theft. " On this page there are several quotes from ecommercetimes.com. Permission was given by Richard Kern, Associate Publisher of the E-Commerce Times, in an email to Prof. Richardson 2004 Dec 10th, a hard copy of the email is kep on file in Richardson's permissions binder. |
Phishing
Industry
Phishing Industry
|
permission to quote and link comes from Peter Cassidy, secretary general of the Anti-Phishing Working Group (by email 2005April07) Sheri wrote "I was reading the upcoming lesson on viruses and scams. I was very interested in the new scam called “Phishing.” I wanted to learn more and came across a very interesting site about the new trend. http://antiphishing.org/APWG_Phishing_Activity_Report_Feb05.pdf" Sheri explained "This site went into detail on how dangerous this new scam really is. It gave me graphs that highlighted the continuous growth of the trend. I also learned that the United States is ranked number one as the top location for hosting phishing sites with 37%. The main attack is on financial institutions. There is an association that was formed called the “Anti-Phishing Working Group.” They hold forums to discuss phishing issues and share phishing problems. “Membership is open to qualified financial institutions, online retailers, ISP’s, the law enforcement community, and solutions providers.” Sheri concludes "I
thought this site would be interesting because this trend is rapidly developing.
I feel with all the new technology we are dealing with, we, as students
should be aware of this type of scam for our future endeavors."
|
Phishing
a
|
Phishing, a student's
experience
"I was like, 'why are you buying another cell phone?' He verified it was an error. However, in the email it says click here to log into your account. Once he clicked that link, it took him to PayPal's home page. He logged in. It asked him for his name, street address, credit card number and more. He re-entered everything. But, before he clicked the send button, he was wondering why he has to input everything all over again because he was already registered. As he wondered, he noticed that the URL was not even paypal.com. It was a random URL address. It was a replica of PayPal?s homepage. None of the links on the home page worked. If he clicked the button, all his personal information would have been revealed aka identify theft." Salma suggests
Salma adds
|
.
Swartz describes what happened to Best Buy "Best Buy. In what could be one of the biggest such cases, the No. 1 electronics chain says thieves recently used spam called "Fraud Alert" to milk consumers of credit card and Social Security numbers. The e-mail, which claimed to be from BestBuy.com, directed consumers to a Web site nearly identical to the company's site. Many consumers were suspicious and contacted Best Buy because the site asked for personal data." Swartz describes what happened
to AOL
|
Spear
Phishing |
Competitor Intelligence
= Corporate Espionage = Spying - faciliated by "spear phishing" !!!
"Spear phishing" is an increasing cyber crime related to corporate espionage. It is a highly targeted phishing attack where a company executive receives an email from an "authorized partner" regarding a project, which is not widely known outside the company. The purpose of such an email is to encourage opening a file, launching a Trojan, which would provide somebody with access to the whole network." WTGR adds,
|
Spear
Phishing |
"spear phishing" !!!
Catherine Forsythe explains
on
"For example, if you received an email from someone from your tech support services asking to confirm your security code, would you do it? The email is addressed directly to you and has your name in the text of the note. A glance at the email address shows that it is a company email. If you send back your security code or password, you may have been ‘phished’ - specifically, you have been ’spear phished’. You were targeted. Email addresses can be spoofed.
And the mention of your name in the text is just social engineering. It
is to manipulate you into feeling secure and giving up the information."
|
Spear
Phishing |
"spear phishing" !!!
WTGR adds,
|
Problems
and Scams example:
|
Oct
2005, I (WTGR) received an email, supposedly from Bank of America, asking
me to log in - only problem is, I'm not a Bank of America customer - so
I automatically know this is bogus.
A small percentage of people who receive this spam will actually be real Bank of America customers - most will delete the email, but some may think it is real, and they'll follow the instructions, and be a victim. One of the keys to knowing it is fake, is the part that says "Please do not reply to this e-mail. Mail sent to this address cannot be answered. For assistance, log in to ...". Anytime an email says this, it is because they "spoofed" the originating address |
|
CONTACT I MAIN PAGE I NEWS GALLERY I E-BIZ SHORTCUTS I INT'L BIZ SHORTCUTS I MKTG&BUSINESS SHORTCUTS I TEACHING SCHEDULE |
. | |
MISTAKES I TEXTS USED I IMAGES I RANK I DISCLAIMER I STUDENT CONTRIBUTORS I FORMER STUDENTS I PUBLICATIONS I TIPS I | |
. |
Prof. W. Tim G. Richardson © www.witiger.com