Professional Documents
Culture Documents
IGCSE ICT - Phishing, Pharming and Smishing
IGCSE ICT - Phishing, Pharming and Smishing
Section 8.5:
Phishing Pharming and Smishing
As we discussed in section 8.2, cyber criminals are always looking for
Key Concepts of this section:
ways to get hold of your personal data and use it to steal your
money. # Know how phishing, pharming and smishing can be used to
obtain personal data.
There are several methods that they will use in order to try and
obtain your credit card or bank details. In this section, we discuss # Be able to describe the methods that can be used to
prevent phishing, pharming and smishing.
these methods and what you can do to protect yourself against them.
Phishing
Pharming
Smishing.
These three methods are normally used to try and obtain people's credit card numbers,
bank details, usernames or passwords.
# Every year, billions of dollars are stolen by online fraudsters who use the above three
methods in order to access their victim's money.
# We will discuss each of these methods and ways in which you can protect yourself Online fraudsters look for opportunities to trick you into
against them below: handing over personal information.
Phishing
# Phishing is used to describe methods that thieves use to 'fish' for our data. Examples:
# This is where fraudsters try and 'bait' us into giving up our bank details, credit card
details, usernames and passwords.
For example:
The emails usually say that there is a problem with your account and then they ask you to
provide your usernames, passwords or account numbers so that the problem can be
rectified.
# If you provide these details, the criminals will be able to use them to help themselves to
your cash.
How to protect yourself against phishing: 'Phishing' is where fraudsters dangle bait in front of the
victim to see if they take it.
# Fortunately, it is very easy to avoid being 'phished'. Some prevention methods are
described in the table below:
For example: you might receive an email which says "We have recently discovered
you have been mentioned in the will of *****. If you provide us with your bank
account number we will deposit the sum of **** ".
Once you send your bank details, instead of depositing money the crooks will make off
with your cash.
If something sounds too good to be true then it probably is and you would be best off Phishing is carried out over emails and try's to trick you into
ignoring the mail. giving up your bank details.
3. Report any phishing attempts to your email account provider. (Click example to zoom)
4. Don't respond to emails from people you do not know.
Spot of phishing!
Spotting a phishing email is easy. Click the
Some videos: image below to find out how.
# Here are some links to videos that contain more information about phishing:
Pharming
# The intention of pharming is the same as phishing..... to obtain personal information such Examples:
as usernames, passwords and bank details etc.
# The way this is done however is slightly different. 'Pharmers' infect legitimate websites
with malicious code that will re-direct you to their bogus version of the website.
The bogus website will look very similar, or even identical, as the legitimate website.
For example:
You log onto your bank's website but it has been infected with malicious pharming
code and redirects you to a bogus version of the site.
The bogus site looks identical to the legitimate site and so you don't realise and enter your
username and password.
Unwittingly, you have just given the fraudsters your login details which they will then use to
access your account and transfer your money out!
How to protect yourself against pharming: Make sure that website url's are correct and legit before
entering personal data.
# Some prevention methods against pharming are described in the table below:
Spot of pharming!
1. Check the url (web address) of the website before you enter personal information.
Spotting a fake website is easy. Click the
The bogus website will have a slightly different address to the legitimate website. image below to find out how.
2. Make sure that you are on a secure website (one that is encrypted with SSL) before
entering personal information.
Loading...
Some videos:
# Here are some links to videos that contain more information about pharming:
For example:
You could receive a text message, sent to your mobile phone, which appears to be from
your bank and reports a problem with your account.
The text message would provide a web address or a phone number which you would be
asked to use in order to contact the bogus bank.
You would then be asked to provide your account details so that the problem could be
rectified.
Smishing is 'phishing' over a mobile phone.
Upon doing so, the fraudsters would use the account information to steal your cash.
Activity!
Phishing, Pharming, Smishing - Research Sheet
Click the above task and answer the questions about Phishing,
Pharming and Smishing.
Back to top
'+