- Home Page
- Solutions
- Partners
- Products
- Support
- Technology
- AAA - 802.1X
- Appliances - Security
- Application Access
- Anti-Phishing / Pharming
- Anti-Spam
- Anti-Spyware
- Database Security
- Compliance
- Content Filtering
- Email Security
- End Point Security
- Firewall
- Integrated VPN / Firewall
- Intrusion Prevention / IPS
- Mobile
- Network Access Control (NAC)
- VPN / SSL VPN
- Traffic Management
- Unified Access Control
- Virus Protection
- Services
- Contact
- About 2Secure
- Search
Phishing
Phishing attacks use both social engineering and technical subterfuge to steal consumers' personal identity data and financial account credentials. Social-engineering schemes use 'spoofed' e-mails to lead end users and consumers to counterfeit websites designed to trick recipients into divulging financial data such as credit card numbers, account usernames, passwords and social security numbers. Hijacking brand names of banks, e-retailers and credit card companies, phishers often convince recipients to respond. Technical subterfuge schemes plant crimeware onto PCs to steal credentials directly, often using Trojan keylogger spyware. Pharming crimeware misdirects users to fraudulent sites or proxy servers, typically through DNS hijacking or poisoning.Building Trust in E-Commerce
The media coverage around identity theft and what is the new scam of phishing, in which electronic thieves use computers to gain illegal access to personal information, these scams were around before the computers and will probably still be here after computers. These scam artists pretending to be employees or other similar seemingly trustworthy people would telephone unsuspecting end users and consumers and convince them to give the caller private information, much to the end users and consumer’s eventual regret.
Phishing is bigger. Its emergence in online communications allows scammers to reach many more people than ever before and at incredibly low cost, whether through spam, e-mail and instant message; faked Web pages; or other online ways. Industries have reported that phishing-related scams have resulted in more than 2 billion USD in fraudulent bank and financial charges to date.
Best Practices
Although there are obviously many aspects of filtering technologies that cannot be publicly disclosed, but the industry standard is encouraging legitimate Web service providers (many of which are small businesses without the IT resources of larger providers) to follow some simple rules that can help:
• Certification. If Web site owners intend to ask users for personal information, they should have secure sockets layer (SSL) certification.
• Security. Legitimate Web site owners should continually make sure their sites are as secure as possible from outside attacks by maintaining up-to-date firewalls and installing all necessary security updates.
• Cross-site scripting attacks. All Web site owners should be protecting themselves by using anti-cross-site scripting attack tools.
• External content. If a Web site intends to post external or third-party content, it is recommended that the content be secure and from a known and trusted source.
2Secure provides the industry leaders and best in breed solutions to help address these problems facing the E-Commerce today.
-
AAA - 802.1X
-
Appliances - Security
-
Application Access
-
Anti-Phishing / Pharming
-
Anti-Spam
-
Anti-Spyware
-
Database Security
-
Compliance
-
Content Filtering
-
Email Security
-
End Point Security
-
Firewall
-
Integrated VPN / Firewall
-
Intrusion Prevention / IPS
-
Mobile
-
Network Access Control (NAC)
-
VPN / SSL VPN
-
Traffic Management
-
Unified Access Control
-
Virus Protection
