This is a masquerade attack in which one machine program impersonates another machine program by falsifying the data. This causes illegitimate access advantage to the hacker. The web page spoofing is called phishing in which a web page e.g. an insurance company’s front page is regenerated to acquire the same feel and look and is kept on another server. This fake web page is under the control of the hacker who intends to steal information. This is an attack on the authentication information of a user. Phishing is the process of acquiring the sensitive information like the credit card details, user names and passwords. This is the example of a social engineering technique used to deceive the users.
Purpose
The purpose of phishing is to make the user believe s/he is using the right trusted system and s/he gives away the correct identification. This main purpose is to target the leak of financial institutes information to commit cyber crime.
Phishing techniques
The link manipulation is a form of technical deception in which the link in the email is designed belong to a spoofed organization. The filter evasion technique is the one in which the text is replaced with a picture to make it difficult for the anti-phishing filters to filter the commonly used text in the emails. The web forgery is the technique in which the phishing scams use java scripts to help altering the address bar. This deception is easy by overlapping the picture of the address bar or by closing the address bar and opening the legitimate one address bar. Another technique of phishing is evil twins which is very difficult to detect. This technique creates a fake wireless network that looks exactly the same like the original network. This is very common in public places like airports, hotels etc.