The amount of phishing-attacks grows fast notwithstanding security developing companies efforts to low it. RSASECURITY issues monthly phishing-attacks reports which can be available at company official website . The big problem is that victims hide the statistics as the actual fact of successful phishing-attack is a serious threat for the organization reputation.
The classic phishing-attack looks as follows. Let’s assume a fraudster decided to capture confidential data that gives access to the account management zone on X bank website. Fraudster must entice a prey to a false website that represents a copy of X bank site. It is done in order to make victim enter his/her private data convinced that he/she is really using real bank website. As a result fraudster gets full access to victim’s account management.
Protecting yourself from phishing attacks is an arduous task that needs combined approach. It is often necessary to reexamine the existent client work scheme and complicate the authorization process. As a result client is subjected to additional inconvenience and company spends a fortune to guard itself. That’s why companies usually don’t follow this way. 먹튀검증사이트 Reliable, widespread and cheap verification that will be easy to use is the main element factor in phishing-attacks prevention. The very best verification that in fact protects from phishing attacks is automated telephone verification.
There’s a couple of Service Providers such as for example ProveOut.com that offer inexpensive, simple in integration and at the same time effective solution – verification via telephone. Verification is processed instantly without the necessity for an operator.
Let’s examine what would happen if telephone verification was utilized in the phishing attack described above. One single step must certanly be added to the authorization procedure at bank’s website: call to previously stored customer’s phone number.
When customer enters correct login and password information, bank sends a request with customer’s telephone number and a randomly selected code to Service Provider. Service Provider makes a call to user’s telephone number, dictates the code passed by the bank to an individual and then hangs up. User then enters provided code in corresponding field and proceeds to restricted access area.
For the calls’ processing Service Providers use VoIP technology which allows to help keep the cost of just one verification call low. Just in case call’s cost to specific destinations will undoubtedly be regarded as too much phone verification service can be used selectively e.g. a verification call can be initiated only in case there is account operations. Phishing will no longer succeed for such site as an additional security measure is used – automated telephone verification