Recently, Symantec observed a phishing site spoofing a popular email service brand. The domain name hosting the site belonged to an Indian educational institution. Phishers are known for compromising legitimate websites and hosting their phishing sites on them. However, websites belonging to government, military, or educational institutes are usually more secure and are seldom compromised, observes Abhijit Limaye, senior manager, development, Symantec.
In the past six months, several colleges and schools in India have been attacked by phishers. These include colleges that offer education in engineering, health sciences, management studies, gemological studies, and commerce.
Let’s have a look at the statistics involving the domain names of Indian educational institutes that were compromised and used as hosts for phishing sites during the past six months.
As per the statistics learnt, there were 13 educational institutes whose websites were compromised. These domain names were used to spoof 16 brands. The domain names belonging to the colleges of Uttar Pradesh were found to be the highest in phishing in comparison to other states in India. This was about 43 percent of the phishing attacks, followed by Tamil Nadu and Delhi, comprising 27 percent and 15 percent respectively. Around 79 percent of these phishing sites targeted banking sector brands; 12.9 percent were e-commerce brands, and the remainders were information services, insurance, and mobile/cellular brands.
In the month December 2010, phishing on Indian brands saw an increase of 43.30 percent than the previous month; while that on non-Indian brands with Indian Geo-location saw an increase of around 32.17 percent from the previous month.
Tips to prevent phishing attacks
A well informed user is a protected user. User’s entire computer system, including the operating system, applications, plug-ins, etc. should be updated with the latest security patches and the security software should be from a legitimate vendor and running at all times. Opening email attachments, or clicking on hyperlinks or URLs in emails from unfamiliar senders, should be avoided. Even clicking on links in social networking messages, or accepting social networking ‘friend’ or ‘follower’ requests from unknown references, should be avoided.
Update your online account privacy settings regularly and use complex passwords them. Don’t answer yes when prompted to save your passwords to a computer. Instead, rely on strong passwords committed to memory or stored in a dependable password management program.
Unsubscribe from unwanted legitimate mailings. Be selective about the websites where you register your e-mail address. Avoid clicking on suspicious links in e-mail or IM messages, as these may be links to spoofed websites. Typing web addresses directly in to the browser is advisable.
Tips for website administrators to prevent their site from being compromised
An updated security solution that protects the information and infrastructure it resides on, is the most important line of defence against cyber attacks. Keeping the OS, applications and other software components patched with the latest security updates proves helpful. Using anti-virus, enabling automatic updates and regularly checking that these are installed correctly is also significant. Administrators should also verify that third-party applications are sourced from genuine providers. Also, monitor/disable the account/accounts on which suspicious activity is observed.