A phishing is an online hacking attack of a very sneaky sort; in fact its more in the category of fraud rather than attack.  It is also one of the crudest of online hacking methods to be used for the purpose of identity theft. The term itself originates from phone phreaking, a word that traces its way to early hacking news reports and identity theft investigations. Though based on a simple underlying concept, perpetrators can weave an elaborate con aimed at ‘phishing’ the identity details of a target. These may then be used to mail bomb another target, other online hacking activity or even to access the target’s financial data.

Online Hacking: Tricks of the Phishing Trade

Phishers try to con you into providing them with sensitive info such as email/ login data, which they can then put into their nefarious online hacking skills and use it to make money out of the system.

One very vulnerable target for phishers is your PayPal account. PayPal is a web-based payment processing system that lets you transfer money to and from your PayPal account with your credit or debit card, thus avoiding the risk of revealing your credit card details to every e-commerce website you shop at.

This does make PayPal a particularly meaty target for online hacking. If you wanted to take money out of other people’s paypal accounts, all you would really need is their email address and password. Then you sign in to their account, and send the money to an account you have set up.

What phishers will do is email paypal customers with an email that looks like an official email from paypal. It will have the paypal logo and format and will look exactly like official paypal emails to customers. It may even come from an address that looks like paypal’s official website. It will go on to say it is a random security check or some other technical procedure and that you are required to type in your user name and password. It will then thank you and say the check or whatever other scheme it claims to be is complete. In the meantime, the phisher will have your password and can clear out your account.

While this is a basic example, there are countless variations of increasing complexity that will be used to try and entice customers to give out bank account details, credit card details or other sensitive information. It can often be next to impossible for the average customer to detect that the email or website is not the official one of the company it is supposed to be from and they are therefore very dangerous.

If you do suspect that an email you receive is a phishing attempt then notify the appropriate company immediately. The other thing to remember is that most banks, credit card companies and other institutions now inform their customers that they will never ask their customers for their passwords in an email, nor will any of their employees ever ask for a password and therefore never give it to anyone who asks you for it.

Keep watching this online hacking weblog for the  latest online hacking news.