skip navigation

PUBLICATIONS

Register for Latest Research

Stay Informed
Register with NCJRS to receive NCJRS's biweekly e-newsletter JUSTINFO and additional periodic emails from NCJRS and the NCJRS federal sponsors that highlight the latest research published or sponsored by the Office of Justice Programs.

NCJRS Abstract

The document referenced below is part of the NCJRS Virtual Library collection. To conduct further searches of the collection, visit the Virtual Library. See the Obtain Documents page for direction on how to access resources online, via mail, through interlibrary loans, or in a local library.

 

NCJ Number: 211113 Find in a Library
Title: Phishing
Author(s): Tony Krone
Corporate Author: Australian Institute of Criminology
Australia
Date Published: 2005
Page Count: 2
Sponsoring Agency: Australian High Tech Crime Centre
Canberra, ACT 2602, Australia
Australian Institute of Criminology
Canberra ACT, 2601, Australia
Sale Source: Australian Institute of Criminology
GPO Box 2944
Canberra ACT, 2601,
Australia
Document: PDF
Type: Issue Overview
Format: Document
Language: English
Country: Australia
Annotation: This Australian report discusses the nature, methods, and countermeasures for "phishing," an online practice of speculative baiting of potential victims of identity theft by contacting them online and enticing them to reveal personal information that can be used in identity-theft fraud schemes.
Abstract: Australia's Anti-Phishing Working Group (APWG) has obtained data on the scale of e-mail phishing attacks for Australian Internet users. There were 13,141 new distinctive phishing e-mails identified in February 2005, a dramatic increase from the 107 phishing e-mails reported in December 2003. A total of 2,625 separate phishing sites (sites advertised by e-mails) were reported in February 2005. These sites sought information that can be used in identity theft for fraudulent schemes. These sites were maintained for short periods (average of 5.7 days). An example of a phishing strategy is to send spam e-mail that requires a person to "validate" their credit card or their Internet banking account login details. In other cases of phishing, perpetrators use sophisticated techniques to intercept encrypted passwords and capture victim information being transferred online. Another strategy is for phishers to impersonate a legitimate site with which the user may desire to do business, which in turn requires the divulging of personal information that can be used in financial frauds against the victim and other entities. A recommended countermeasure against phishing is to never respond to an e-mail that seeks to verify or confirm online authentication details, even when solicited by a company with which the user has had legitimate dealings in the past. Responding to what appears to be legitimate inquiries may divert the user to malicious sites that can load software onto the customer's computer that will subsequently reveal personal information being transmitted. 4 listings for further reading
Main Term(s): Computer related crime
Index Term(s): Computer privacy and security; Criminal methods; Fraud; Fraud and abuse prevention measures; Fraudulent concealment; Identity Theft
To cite this abstract, use the following link:
http://www.ncjrs.gov/App/publications/abstract.aspx?ID=232375

*A link to the full-text document is provided whenever possible. For documents not available online, a link to the publisher's website is provided. Tell us how you use the NCJRS Library and Abstracts Database - send us your feedback.