Monday 2 July 2012

LET'S TALK ABOUT PHISHING

This is not a class on definitions of terms, so I'm not gonna define what phishing is. However, it is important to note that phishing is a serious security issue, especially in the face of social networking. A lot of sites will masquerade as genuine sites while attempting to gather personal information such as usernames, passwords, credit card numbers, etc. Oops, I think I just defined phishing; no harm anyway.
Now I'm gonna use an example here of a website masquerading as Twitter. If you click on this link, you will be redirected to a page which resembles the Twitter login, but after close scrutiny you will realize that there are a lot of differences.
So what do users need to look out for?
1. Check out the address. 

The first address is clearly not Twitter, and all one needs to do is spare just a few seconds to verify the spelling in the address. You know, contrary to the popular maxim, it's never a machine error but a human one.

2. Check out the website's identity by use of its security certificate.
This might seem like a very complicated process, but it's simple and based on the step above. If you further want to confirm the validity of the website, click on the left of the address as shown below.

Well, the images are not very sharp, but they serve the purpose just as well. What we are relying on here are the Secure Sockets Layer (SSL) certificates. The genuine Twitter address provides ownership information and the verifying authority, also known as the certificate authority. On the other hand, the other address doesn't provide any information, and therefore providing your username and password will only mean that you are selling yourself.
So make sure you double-check and be responsible for your security while in cyberspace.
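The spelling check from step 1 can also be done by a script. This is an added example, not part of the original post: it flags hosts that are not the genuine site but spell or embed its name closely. The function names, the edit-distance threshold of 2 and the sample addresses are assumptions made for illustration.

```python
from urllib.parse import urlsplit

TRUSTED = "twitter.com"  # the genuine site used in the post


def edit_distance(a, b):
    """Levenshtein distance: single-character edits needed to turn a into b."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # drop a character
                           cur[j - 1] + 1,             # add a character
                           prev[j - 1] + (ca != cb)))  # swap a character
        prev = cur
    return prev[-1]


def check_address(url, trusted=TRUSTED):
    """Classify the host in url as 'genuine', 'lookalike' or 'unrelated'."""
    host = (urlsplit(url).hostname or "").rstrip(".").lower()
    # Genuine only if the host IS the trusted name or a true subdomain of it.
    if host == trusted or host.endswith("." + trusted):
        return "genuine"
    brand = trusted.split(".")[0]
    for label in host.split("."):
        # Assumed threshold: up to 2 edits away from the brand counts as a
        # misspelling; the brand inside another name counts as bait.
        if brand in label or edit_distance(label, brand) <= 2:
            return "lookalike"
    return "unrelated"


# Constructed sample addresses (reserved .example names, not real sites).
SAMPLES = [
    "https://twitter.com/login",
    "https://mobile.twitter.com/",
    "http://tvvitter.example/login",
    "http://twitter.com.login.example/",
    "https://example.org/",
]

if __name__ == "__main__":
    for url in SAMPLES:
        print(f"{check_address(url):10} {url}")
```
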