Phishing Sites Continues to be Mystery for Most British Web Surfers

A new study by VeriSign suggests that phishing websites continue to be mystery to a large number of online users in Britain.

The report is a part of research by the firm to identify evidences utilized by surfers for recognizing potentially dangerous websites. After creating a 'Phish or No Phish' website, VeriSign requested visitors to spot the phishing site out of the two sites presented simultaneously.

The indication that visitors commonly missed is spelling mistakes that the fraudulent, phishing site contain. Approximately 88% of users taking the test could not recognize the typographical errors, which would have suggested that the site was bogus.

57% of respondents missed spotting the absence of the padlock sign, while 37% could not spot a changed domain name. Around 23% of visitors were duped by a request for extra account information like log-in details for online banking.

Moreover, other results of the study indicated that a 55+ aged woman in Northern Ireland had immense chances of becoming victims of a phishing fraud.

Speaking about the dangerous outcomes of phishing, Andrew McClelland, Director of Business Development of Internet Measurement Research Group (IMRG) said that phishing remained a dominant challenge for businesses transacted online. A single phishing attack could drastically reduce people's faith in a company. According to him, if that faith was eroded, it would get extremely hard to recover, and since competition was tough, it was something that organizations couldn't allow to fade, as reported by SCMagazine on June 11, 2009.

Talking about the test sites, McClelland said that it was pretty obvious that one of them had some incorrect content that had altered the page. He noted that previously his research group depended on users watching out for a padlock and 'https' in the URL address, but for many users this was irrelevant, adding that the industry in general proved too poor in raising the necessary awareness.

However, VeriSign has established 'Extended Validation for SSL Certificates' that shows a green color in the address space of only a legitimate site, helping users to identify a phishing site.

Related article: Phishing With A Redirector Code

» SPAMfighter News - 6/19/2009