/ciol/media/agency_attachments/c0E28gS06GM3VmrXNw5G.png)
Follow UsNEW DELHI, INDIA: A YouGov survey commissioned by VeriSign, Inc. has revealed that at least 76 per cent of Web users in India are at risk from online fraud because they are unable to identify the different forms of phishing currently happening online.
The research asked each respondent to identify which - of two Web site images presented side by side – was a fraudulent phishing site. The most frequently missed “tell tale” indicator was the spelling on the site, with at least 76 per cent failing to spot the spelling mistakes that would have identified the phishing site. The other such “tell tales” include:
- No padlock symbol in the browser address bar – 54 per cent duped
- URL containing unspecified, numerical, domain name – 31 per cent duped
- Request for additional account information – 30 per cent duped
“Phishing continues to be a major challenge for online retailers,” said Andrew McClelland, Director of Business Development at IMRG, a UK-based industry body. “It only takes one phishing attack to dramatically reduce the web browsing public’s trust in a retailer. Once that trust is lost, it is very difficult to regain and with competition just a click away, something that retailers cannot afford to lose.”
Phishing scams and online fraud have created doubt and concern among online shoppers. To regain their trust, site owners need an easy, reliable way to show customers that their transactions are secure – and that they are who they say they are. Security vendors and Internet browsers have joined forces to establish the Extended Validation (EV) standard for SSL Certificates. With this technology, the browser and the certificate authority control the display, making it difficult for phishers and counterfeiters to hijack a brand and its customers.
“With nine out of 10 people in India vulnerable to phishing scams, a method for easily identifying a genuine site from a phishing site is a must for all businesses online,” said Tim Callan, vice president of product marketing at VeriSign. “By adopting Extended Validation, a site owner makes it easy for Web users to see that the site they are on is genuine. When a Web user visits a site secured in this way, a high-security browser will trigger the address bar to turn green. For additional clarity, the name of the organization listed in the certificate as well as the certificate’s security vendor is also displayed.”
Middle aged and elderly significantly more vulnerable
In India, the ability to identify a phishing site is highest among the 18 to 24 year old age group, with 45 to 54 year olds 14 per cent less likely to identify a phishing site. This drop in awareness is at a younger age than all other countries surveyed. India is also the only country where there is no difference between men and women in their ability to identify a phishing site.
Knowledge is key to fighting phishing and to this end VeriSign has compiled its Top five tips to distinguish a real site from a phishing site.
Consumers should check whether or not a site is genuine and is taking measures to protect their personal details by looking for the following:
https:// The “s” in https:// means the site is encrypted, so the information you enter is secured. While some phishing sites do have a secured Web address, many do not. Therefore, site visitors should be on the lookout for missing security on sites that should have it.
The padlock icon: To be meaningful this icon must appear in the actual browser interface and not inside the content of the page itself.
Trust marks: Simple visual cues in the form of popular logos can show that a Web site is authenticated, secured, and the company is reputable.
Check the Web address: Be suspicious of any site with an unknown domain that contains the name of a well known site in the latter part of the Web address.
Green address bar: This signifies that this site has undergone extensive identity authentication so that you can be confident it is the site it claims to be.