Phishing

Source: https://www.google.com/searchq=phishing&
client=safari&rls=en&source=lnms&tbm=isch&
sa=X&ved=0CAgQ_AUoAWoVChMIub_UquacyQIVRVcaCh0
bygSk&biw=1250&bih=662#imgrc=wKtHn-87XHY1eM%3A

Phishing (Microsoft, 2014) is one of the most common cyber crimes in the world. Phishing, as the name suggests, is similar to ‘fishing’. Fraudsters are send a large amount of emails randomly that may link to malicious software and waits for victims who take the bait so that they can steal personal information or important documents. The word of ‘phishing’ can be traced by to the mid- 1990s, when the first malware America Online Hell was created (Rekouche, 2011). These cyber criminals uses social engineering skills and pretend to be important organisations, such as banks, to convince you to follow the steps on their email in order to take control of their account and gain certain benefits. One example of social engineering skills it to pit people into fear. This can be done by sending victims emails about account being hacked, and then requiring the victim to type his password for reclaiming the account. 

Phishing is prevalent globally. In 2010, a report analysed that 0.5% of emails are phishes in the United Kingdom whilst 1% in South Africa, which suffers from phishing most seriously on earth (MessageLabs Intelligence: 2010 Annual Security Report, 2010). There are about 200 billions of worldwide emails sent and received per day (Radicati, 2014), and I would say that even 0.1% of email in the world (200 million) are phishing emails the problem is still too serious. 

It is interesting to know that why so many people commit phishing. Phishing has been developed for long. The strategies of committing have not changed so much. in a few words, committed by fake or stolen accounts and sending malicious emails to many email addresses. As committing cyber crimes can get ‘big rewards’ and the risk of being arrested is relatively low, there are still many people committing cyber crimes nowadays. Another thing is that phishing messages can be sent through various media, and not only limited to emails, so even though people may have learnt a lesson in falling into a phishing trap in a medium, they can still easily fall into the same trap through another medium, if they do not closely examine the possibility of the message being a phishing one. Despite the above facts, nowadays, the success rate is not as high. In the past, when phishing was something new, the targets were less aware phishing emails because they do not have the experience and also phishing was not so frequent. Through different social media and education works by schools and software companies, people are constantly reminded of the danger of phishing and have become more alert of the issue.

27 year-old Olukunle Babatunde and 25 year-old Tamar Abdulhamid were convicted of conspiracy to defraud UK banks by phishing emails in 2013 and they sentenced to 5 years in jail (Finance Magnates, 2013). It is a representative case for how government reacts to serious cases of phishing. Through the phishing emails, they gained more than £750,000 and about 760 victims were involved. This case was in charge by the National Cyber Crime Unit (NCCU) which is a specialist agency for cybercrime. From this, we can see that to the national extent, Internet is monitored by government. NCCU has asserted that information and intelligence associated with serious and organised cybercrime will always be shared with the public for identifying those ‘cyber threats’ and prevent the risk public being the victim of cyber crimes. 

References:

Finance Magnates, (2013). Cyber-criminal Successfully Convicted on Charges of Phishing Fraud. [online] Available at: http://www.financemagnates.com/fintech/payments/cyber-criminal-successfully-convicted-on-charges-of-phishing-fraud/ [Accessed 13 Nov. 2015].

MessageLabs Intelligence: 2010 Annual Security Report. (2010). 1st ed. [ebook] Symantec Corp., p.56. Available at: https://www.incibe.es/file/27gHxrzWsYyeyRTFYq8MuQ [Accessed 13 Nov. 2015].

Microsoft, (2014). How to Recognise Phishing Email Messages, Links, or Phone Calls. [online] Available at: http://www.microsoft.com/security/online-privacy/phishing-symptoms.aspx [Accessed 13 Nov. 2015].

Radicati, S. (2014). Email Statistics Report, 2014-2018. 1st ed. [ebook] London: Email Statistics Report, p.4. Available at: http://www.radicati.com/wp/wp-content/uploads/2014/01/Email-Statistics-Report-2014-2018-Executive-Summary.pdf [Accessed 13 Nov. 2015].

Rekouche, K. (2011). Early Phishing. 1st ed. [ebook] p.1. Available at: http://arxiv.org/pdf/1106.4692.pdf [Accessed 13 Nov. 2015].