Your organization can defend against phishing attacks by implementing various solutions or security strategies. Depending on the nature of the attacks and the environment involved, Entrust promotes the use of strong authentication, encryption and secure e-mail communication to help stop phishing and man-in-the-middle attacks.
- Strong Authentication: Entrust IdentityGuard for Consumers
- Encryption & Authentication for Internet Applications: Entrust TruePass
- Secure Email: Entrust Entelligence Messaging Server
A phishing attack occurs when a user receives a fraudulent or “spoofed” email representing a trusted source (e.g., bank, retailer or credit card company). This e-mail leads them to an equally fraudulent Web site that maliciously collects personal information, including account information, passwords and PINs.
A sophisticated type of phishing, man-in-the-middle attacks occur when an attacker attempts to intercept communications between two parties, such as a customer and a financial organization, without their knowledge.
By doing so, the attacker becomes “the man in the middle.” Both parties are unaware of the attacker’s presence. So, acting as a proxy, the attacker can both review and manipulate the contents of the messages he is relaying between the two parties.