Phishing on website
Phishing or Phishing website is yet another way for the cyber criminal to try to gain access to sensitive information. Usernames, passwords and also bank-related information is at risk with this type of cyber crime and can be used in several types of fraud. The attempt can also be for harmless reasons, but still a nuisance to infected computers in the domain.
Phishing examples and website methods
The amount of examples are vast in numbers but the common theme is masquerading information and data as legitimate when the origin is different than implied.
For instance a website may get from what appears to be several messages from an organization, administrator or community. These messages are sent to a person with, for instance, information about a credit card transaction that failed or some account lockout request on Facebook or Netflix. Usually they provide a link that should “fix” the problem.
However, the link itself goes to a completely other site, hosted by the criminal where the visitor needs to enter the credentials in order to proceed.
How IDS helps you as a network administrator
This is just one way that the attempt can occur. The user usually does not know they have been compromised. IDS attack the problem directly at IP-level, so the user hacking attempt can be stopped directly.
Syspeace does not protect directly against Phish attempts, but does complement other tools to make it harder for the cyber criminal to reach their goals via phishing or phishing website.