|
To I was reading about Phishing . So people make fake emails so that you give them your personal information and also create fake websites like your Bank for instance? How would you know if a website has been cloned? If it was a Banks website would it not have HTTPS on the login page? |
|
Obviously you didn't read enough (or you're blind?), since the very page you linked contains the answer to your question. Read your link for a more detailed answer. The most basic form of phishing is simply cloning the entire website and hosting the fake on a different server. Instead of the url looking something like http://your-bank-url.com/ it might look like http://your-bank-url.com<u>.something-suspicious-here.com/... Or maybe simply http://<u>something-suspicious-here.com/. So to protect yourself from those attacks, just make sure the URL is a correct URL for your bank. Other more advanced phishing attacks might involve forged emails. If there's a link in an email claiming to be from your bank or whatever, make sure the URL doesn't look suspicious before you visit it. Right click the link, click properties and it'll show you the URL. If it looks suspicious or the email is asking for details as a response, the best option is to call your bank and ask them about the email. In fact, if my bank sends me emails that require a response I almost always call them anyway. HTTPS is unrelated. A phishing site may or may not be set up to use HTTPS for a bank that uses HTTPS. A phishing site may or may not be set up to use HTTPS for a bank that doesn't use HTTPS. HTTPS should not be a significant factor in determining whether a website is a phishing site or not. |
