PHISHING TECHNIQUES

Phishing Techniques

Phishing Techniques

2.1 Phishing Techniques

Phishing takes place when someone tries to employ electronic communication for instance email to deceptively get confidential information for example your password by feigning to be a trustworthy entity or a part of any trusted group.

Phishing is actually a sort of social engineering technique utilized to deceive users, and uses a poor usability of present web security technology. It is the art of influencing individuals into performing a required action or sharing private information. These attacks are mainly transmitted through email; however, they are furthermore transmitted through:

Instant messaging

Websites of social networking like Facebook, Twitter, MySpace, The communication might:

Ask user to respond with particular information

Ask user to visit a website, after that ask them to share particular information, and ask them to install them

Software or try to infect user's computer

Ask user to call on a particular phone number that will ask them to share particular information.

Phishing has a number of techniques that will be explained below:

2.1.1 DNS Cache Poising

3.1.1. A DNS (Domain Name Server)

It is necessary to protect domain name system (DNS) to be under of any attack .DNS is the most important part in the Internet infrastructure, used to translate the domain into IP addresses so that the servers can deals with it, if the DNS being out of service for few minutes can cause a excessive loose of the internet communication. The DNS relays on the UDP protocol for the communication, it is dedicated at the origin for communication not for security; attackers can target the DNS through cache DNS poisoning. Briefly if the attacker was able to obtain the transaction ID through the DNS communication, can manipulates the DNS response and redirect the session like if it was from the reliable server. Whenever a recursive server accepts the forged communication, it will start the response by wrong resource record that restrains modified domain name-IP mapping into cache space. If a malicious IP address is return to user application, the phishing web site can encounter to the user (Fan et al. 2011: 387).

3.1.1. B Effect of Cache

In operation system of Windows Server 2003, a document of host is present under “C:\Winnt\System32\ Drivers\” Etc. This document can be edited by using notepad while, this file has no extension. In accordance with the rule of Windows, system will look for correlative Resource Records in local cache earlier than it forwards query to the DNS server. Declaration of name will be accomplished if local cache contains correlative RR. If it is not, Window system will then forward a query to local DNS server. Operation mode of hosts is in accordance with a standard of “TCP/IP for Windows”. The function of the document contains a mapping association with the host and IP address. On the head of each row IP address is written, as there is a vacant space between mapping domain name and IP address. Symbol “#” is utilized in front of the explanatory note.

To accelerate the name resolution process hosts can be used ...