Friday, February 10, 2012
Google  
Web voicendata.com
  RSS | Archive    
 Home > Analysis > Seventy Six per cent Indians Can't Recognize Phishing Sites: Exposes VeriSign
  Analysis
Seventy Six per cent Indians Can't Recognize Phishing Sites: Exposes VeriSign
As phishing tactics become more and more sophisticated, Web users and enterprises need to wage a joint battle to address this concern
Kannan K
Thursday, June 25, 2009
Print Comment Email DiggDigg DeliciousDel.icio.us RedittReddit

VeriSign, a provider of Internet security services, has revealed that at least 76% of Web users in India are exposed to phishing attacks as they are unable to identify the different forms of phishing currently happening online. It was an interesting, but alarming finding by VeriSign, which commissioned the survey and YouGov conducted it from 22nd May to 3rd June. 1,002 Indian web users aged 18+ participated in the survey.

The samples were asked if they can identify the image of fraudulent phishing site out of two Web site images shown to them with the phising site having slight spelling mistakes which is not very clear to identify at the first instance. A majority 76% of the respondents could not find the spelling mistake of the website, shockingly exposing careless and unobservant nature during Internet surfing. It also exposes Indian web users' apathy on the importance of online security.

Take a look at what were the other aspects of that apathy. They were (a) no padlock symbol in the browser address bar – 54% respondents duped, (b) URL containing unspecified, numerical, domain name – 31% respondents duped, and (c) request for additional account information – 30% respondents duped.

Threat to Banks

Phishing attacks are mostly targeted at banking institutions for financial gains. If customers are alert enough, certainly fraudulent websites can be identified. A casual and indifferent approach of customers encourage the fraudsters to prey them for financial gains. Most common method of phishing is asking for personal information like password. No banks ask for password for any updates of your account or any other activities. Once phishing is successfully done by fraudsters on customers, then it is difficult to regain the confidence of the customers, though its of customers' fault. So enterprises need to be more vigilant and take protective measures.

Though financial institutions are major target, other institutions like ecommerce sites are also vulnerable. “Phishing continues to be a major challenge for online retailers,” said Andrew McClelland, Director of Business Development at IMRG, a UK-based industry body. “It only takes one phishing attack to dramatically reduce the web browsing public's trust in a retailer. Once that trust is lost, it is very difficult to regain and with competition just a click away, something that retailers cannot afford to lose.”

Way Out

There has to be easy mechanism to address this security concern and it should come from institutions like banking companies. “With nine out of 10 people in India are vulnerable to phishing scams, a method for easily identifying a genuine site from a phishing site is a must for all businesses online,” said Tim Callan, vice president, Product Marketing at VeriSign. “By adopting Extended Validation, a site owner makes it easy for Web users to see that the site they are on is genuine. When a Web user visits a site secured in this way, a high-security browser will trigger the address bar to turn green. For additional clarity, the name of the organization listed in the certificate as well as the certificate's security vendor is also displayed.”

Middle Aged, Elderly People Most Vulnerable

Younger generation has slightly better Web security sense than middle aged group and elderly people who grew up in an entirely different environment. In India, the ability to identify a phishing site is highest among the 18-24 year age group, with 45-54 year olds 14% are less likely to identify a phishing site, observes the study. India is the only country where there is no difference between men and women in their level of ability to identify a phishing site.

VeriSign has compiled top five tips to distinguish a real site from a phishing site as knowledge is the key to fight this menace. Consumers should check whether or not a site is genuine by taking measures to protect their personal details by looking for the following:

1.https:// The “s” in https:// means the site is encrypted, so the information you enter is secured. While some phishing sites do have a secured Web address, many do not. Therefore, site visitors should be on the lookout for missing security on sites that should have it. 2.The padlock icon: To be meaningful this icon must appear in the actual browser interface and not inside the content of the page itself. 3.Trust marks: Simple visual cues in the form of popular logos can show that a Web site is authenticated, secured, and the company is reputable. 4.Check the Web address: Be suspicious of any site with an unknown domain that contains the name of a well known site in the latter part of the Web address. 5.Green address bar: This signifies that this site has undergone extensive identity authentication so that you can be confident it is the site it claims to be.

Just try out this site ( www.phish-no-phish.com/ ) to understand where you stand in identifying a phishing site which is very important for you to protect your hard earned money while you do different kind of online transactions. It's interesting like a gaming site to try this out.

kannan@cybermedia.co.in

Page(s)   1  
Print Comment Email DiggDigg DeliciousDel.icio.us RedittReddit
Acquisition is the Key
Million Marks
Tightening the NooseTightening the Noose
 

Subscribe to our Newsletter
Name:
Email Address:




 

Current Issue
Click here to book your copy now






Your Opinion Matters

Does cloud computing cast a cloud on the future of IT professionals?

Is your Accounts Payable Solution working for you? Think Again…

   CIOL Services
IT News | IT Jobs | IT Outsourcing | IT Shopping
 



  For Voice&Data Print Subscription
  [ Magazine Subscription ]  [ Contact Info ]  [ Media Kit ]
 
Other CyberMedia web sites
[Dataquest]  [PCQuest]  [CIOL]  [Living Digital]  [CMR India]
[DQ Channels]  [The DQweek]  [CyberMedia Events]
[CyberMedia Digital]  [Cyber Astro]  [CyberMedia India]
[Global Services]  [BioSpectrum]  [BioSpectrum Asia]  [DARE]
[Computer Shopper]   [College Buying Guide]   [Technology Review

CyberMedia India Ltd

 
  Copyright © CMIL. All rights reserved.
Reproduction in whole or in part in any form or medium without express written permission is prohibited.
Usage of this web site is subject to terms and conditions.
Broken links? Problems with site? Send email to webmaster@ciol.com