Uncategorized

Telephone verification combats phishing

How many phishing-attacks grows fast in spite of security developing companies efforts to low it. RSASECURITY issues monthly phishing-attacks reports which is often bought at company official website . The serious problem is that victims hide the statistics as the actual fact of successful phishing-attack is a serious threat for the organization reputation.

The classic phishing-attack looks as follows. Let’s assume that a fraudster decided to recapture confidential data that provides use of the account management zone on 먹튀사이트 X bank website. Fraudster needs to entice a victim to a false website that represents a copy of X bank site. It is performed to be able to make victim enter his/her private data convinced that she or he is clearly using real bank website. Consequently fraudster gets full use of victim’s account management.

Protecting yourself from phishing attacks is an arduous task that needs combined approach. It is often necessary to reexamine the existent client work scheme and complicate the authorization process. Consequently client is afflicted by additional inconvenience and company spends a bundle to guard itself. That’s why companies usually don’t follow this way. Reliable, widespread and cheap verification which is easy to use is the important thing aspect in phishing-attacks prevention. The most effective verification that in fact protects from phishing attacks is automated telephone verification.

There is several Service Providers such as for example ProveOut.com that offer inexpensive, simple in integration and at the same time effective solution – verification via telephone. Verification is processed instantly without the need for an operator.

Let’s examine what might happen if telephone verification was found in the phishing attack described above. A unitary step should be included with the authorization procedure at bank’s website: call to previously stored customer’s phone number.

When customer enters correct login and password information, bank sends a request with customer’s phone number and a randomly selected code to Service Provider. Service Provider makes a call to user’s phone number, dictates the code passed by the financial institution to the user and then hangs up. User then enters provided code in corresponding field and proceeds to restricted access area.

For the calls’ processing Service Providers use VoIP technology that allows to keep the price of just one verification call low. Just in case call’s cost to specific destinations is likely to be regarded as too much phone verification service may be used selectively e.g. a verification call may be initiated only in case there is account operations. Phishing will not succeed for such site being an additional security measure is used – automated telephone verification

Leave a Reply

Your email address will not be published.