Nowadays, the Internet is not only full of viruses and Trojans, but also a resentful behavior is phishing. Phishing can cause many people to lose a lot of information or money. In most people's minds, phishing is fake emails that trick people into providing bank accounts or identity information. However, according to a recent study published by the Honeynet Project & Research Alliance, phishing is more complicated and scarier than this.
The alliance warned in this latest research report that phishers are using a malicious web server, port redirection and a fairly high success rate to spoof users. Their efforts are more thorough and organized than people initially thought. In many cases, they work in coordination with other fishing gangs and use multiple methods at the same time.
Honeynet researcher Arthur Clune, referring to an example of an attack in this report, said that the phishing website was built very fast. All of these sites are prepared in advance. The people who set up such a website are obviously ready, because we started to see network communication before the website was fully built. All processes, including scanning for vulnerable web servers, are highly automated. All of this shows that the attacker is serious, prepared, and wants to find as many vulnerable hosts as possible.
Clune said the quality of these sites and the practice of spamming are improving. This type of website uses more standard English and embeds better quality images, making it more like a real website on the outside. Another researcher, David Watson, said that as users become more aware of phishing and phishing, attackers have to improve their methods. He said that the number of people who suffered from such attacks made him surprised.
Watson said that in the many frauds we investigated, we were surprised to find that users did visit fake phishing sites. Information that guides how to use the Internet safely is clearly not widespread to end users.
This study was conducted using honeypots. The so-called honeypot refers to a computer that is intentionally set to have no protective measures. When attacked, researchers can investigate these attacks to better understand the strategies used by attackers. On the honeypot, the researchers clearly observed that the phishers successfully used three different methods of attack:
Breaking the network server
The first method is to break the server with security holes. And install malicious web content. In a typical phishing attack, the attacker used the following methods:
· scan for servers with security holes;
· break the vulnerable server and install a tool set or password Protect the back door;
· enter the compromised server through the encrypted back door;
· download the pre-made phishing website to prevent the compromised server from being a network-based server;
· for limited content configuration and website testing, when you first visit this web server, you may expose their real IP address;
· download a lot of tools to send emails, Use this tool to advertise this fake website with spam emails;
· After the above steps, someone visits the phishing site and potential victims start to access the content of the site.
The alliance said in a statement that the attack is usually only a few hours or days from the time the system first connects to the Internet. The study found that attackers often attacked many servers and many organizations at the same time.
Anyway, phishing is definitely a dangerous thing. Everyone can avoid it as much as possible. Of course, there are many ways to defend, so in your spare time, you can find a solution to protect your computer. Safety.
I believe many users are confused about the concept of virtual memory, what is virtual memory? What
Press the Apply button will pop up a dialog box, click OK to complete the Click on the local net
Every time you turn on your computer and log in to Windows, you will see a long boot screen. Many st
Microsoft once boasted: Users with Windows XP will no longer need to worry about network access secu
Two monitors simultaneously use one to watch a movie (1)
Inventory display common faults and treatment methods
How to increase the WinXP recorder time to 300 seconds
Tips to make YouTube videos clear
Unlock hidden speed in windows xp
You may not have noticed the Windows XP Tips application
What is the BIOS of the xp system and how much is it?
Detailed DOS commands in Windows XP
In the Windows 7 QQ concept version of the nine new features introduced
Disable five features to make XP system extremely fast
What should I do if the Win10 system opens ANSYS and always stops working?
Anti-defense, evidence of malware invading the computer
Solve the tutorial that Win 8 operating system can't log in
What if the Win8 software is not compatible?
win10 boot has a black screen how to do
Is there any way to recover the files emptied by the recycle bin?
Tips for adding a print directory in Win7
Linux system to identify file types File Commands
I have a mobile hard disk in NTFS file format that can't be written on Mac
Windows10 system boot prompt "you have used temporary configuration file login" solution