A Definition of Phishing and Its Usage for Online Identity Theft

The following sample Information Technology essay is 387 words long, in APA format, and written at the undergraduate level. It has been downloaded 663 times and is available for you to use, free of charge.

Phishing is the practice of fooling Internet users into disclosing private, highly sensitive information to illegitimate sources. This is commonly done via the distribution of “spoofed” e-mails linked to fraudulent websites designed to look and feel like those of existing banks, online marketplaces, and other online services that require the input of personal information (Jameel and George 257). Downs, Holbrook, and Cranor state that, “computer security attacks can be classified as physical, syntactic, or semantic” (2). Phishing falls under the latter category, as semantic attacks take advantage of human vulnerability, as opposed to that of the computer’s “physical infrastructure” (Downs, Holbrook, and Cranor 2). The reliance of developed societies on the usage of the Internet for handling personal business and finance has made online identity theft an increasingly widespread hazard (Jameel and George 257).

The specific information that phishing attacks aim to obtain ranges from Internet login names and passwords to social security numbers. For example, one popular method of procuring an individual’s bank account information is to imitate the appearance and language of an e-mail from that individual’s bank, requesting the individual to validate his or her account details lest their services be suspended. This method preys on the common anxiety of having to endure the hassles of inconvenience. So, while the survey conducted by Downs, Holbrook, and Cranor found that people are generally aware of “the risks associated with using the Internet… they appeared to be less aware of social engineering attacks aimed at eliciting information directly from them” (11). The general population does not possess the fraud detection techniques necessary to detect fraudulent e-mails, as many of the dead-ringers are contained within an e-mail’s “structural attributes” (Jameel and George 257). Because of this, online identity theft will likely continue to be a pertinent societal threat until adequate detection methods are fully developed.

References

Downs, J. S., Holbrook, M. B., & Cranor, L. F. (2006). Decision Strategies and Susceptibility to Phishing. Institute for Software Research, Paper 20, 1-13.

Jameel, N. G., & George, L. E. (2013). Detection Phishing Emails Using Features Decisive Values. International Journal of Advanced Research in Computer Science and Software Engineering, 3(7), 257-262.