Phishing Nets

1 Dec

Phishing is one of the most common forms of cyber-attack at the current time.  Effectively attackers try and fool you to providing sensitive data such as user names and password into fake web sites.

While we all like to think they will never get us, the quality of the phishing emails and the fake web sites is increasing all the time. I was nearly taken in by an “Apple” one (Apple are one of the most targeted domains). It was then that I realised I had a reasonably effective Phishing Net.

Phishing net blog post image

Like many people I use a Password manager (I’ve previously written on Password Managers, following the need to change 40+ passwords after Heartbleed).

When I visit a web site logon page, the password manager scans the URL. If the URL is in its database, it looks up the associated username and password, and automatically fills the details in.

On the other hand, if it is a Phishing site, while to the user it may look legitimate, to the password manager, the URL will not match, so it will not supply the credentials. As such, the password manager has in effect blocked the phishing attempt – a phishing net.

Please join the discussion, we welcome your views...

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: