Cellphone verification quarrels phishing

How many phishing-attacks grows fast in spite of security developing companies efforts to low it. RSASECURITY issues monthly phishing-attacks reports which may be available at company official website . The big problem is that victims hide the statistics as the actual fact of successful phishing-attack is really a serious threat for the business reputation.

The classic phishing-attack looks as follows. Let’s assume a fraudster decided to fully capture confidential data that gives use of the account management zone on X bank website. Fraudster must entice a prey to a false website that represents a copy of X bank site. It is done to be able to make victim enter his/her private data thinking that he or she is really using real bank website. As a result fraudster gets full use of victim’s account management.

Protecting yourself from phishing attacks is an arduous task that requires combined approach. It is often essential to reexamine the existent client work scheme and complicate the authorization process. As a result client is subjected to additional inconvenience and company 토토사이트 검증 spends a bundle to safeguard itself. That’s why companies usually don’t follow this way. Reliable, widespread and cheap verification that is user friendly is the main element factor in phishing-attacks prevention. The most effective verification that in fact protects from phishing attacks is automated telephone verification.

There’s a few Service Providers such as for instance ProveOut.com that offer inexpensive, simple in integration and at once effective solution – verification via telephone. Verification is processed instantly without the necessity for an operator.

Let’s examine what can happen if telephone verification was used in the phishing attack described above. One single step must be put into the authorization procedure at bank’s website: phone call to previously stored customer’s phone number.

When customer enters correct login and password information, bank sends a request with customer’s telephone number and a randomly selected code to Service Provider. Service Provider makes a phone to user’s telephone number, dictates the code passed by the bank to an individual and then hangs up. User then enters provided code in corresponding field and proceeds to restricted access area.

For the calls’ processing Service Providers use VoIP technology that enables to help keep the price of just one verification call low. In the event call’s cost to specific destinations will be regarded as being too high phone verification service can be utilized selectively e.g. a verification call could be initiated only in the event of account operations. Phishing will not work for such site being an additional security measure can be used – automated telephone verification

Leave a Reply

Your email address will not be published.