Page 33 - 41 sayurusara full set
P. 33
Sayurusara 2020 JUNE 31
• Domain spoofing • Search engine phishing
fuys§ m%ydrlhd úiska hï wdh;khl fyda fuh kj j¾.fha phishing m%ydr j¾.hla
iud.ul Domain tl jHdc f,i ilihs' tysoS jk w;r" jxpdldrhd wdl¾IŒh kuq;a jHdc
m%ydrhg ,la jk iud.fï tlu Domain kduhla ksIamdok" jHdc fhdackd l%u fyda jHdc §ukd j,ska
iys; B-;emE,la ,efnk neúka" th úYajdiodhl iukaú; fjí wvú u.ska mdßfNda.slhska wdl¾IKh
uQ,dY%j,ska ,efnk nj tu iud.ï úYajdi lÍu ;=,ska lr .kS' jHdc fmd,S fhdackd l%u i|yd jxpksl
fuu m%ydrhg f.dÿre fõ' nexl= iuÕ mjd Tjqka iu. ne£ isà'
• Whaling .kqfokqlrefjl= Tjqkaf.a msgqjg f.dia
Tjqkaf.a mqoa.,sl f;dr;=re ksIamdok ñ,§ .ekSug
wdh;khl fyda iud.ul úOdhl fY%a‚fha fyda fjk;a lghq;a;la i|yd f;dr;=re we;=<;a l<
mqoa.,hska b,lal lr m%ydrh t,a, lrk w;r" miq" tu f;dr;=re jxpdlrejka w;g m;a ùu u.ska
WodyrKhla f,i .;a l, fuu m%ydrfha b,lalh mdßfNda.slhdg úYd, ydkshla isÿúh yelsh'
uqyqfoa ;,auiqka ñi ud¿ fkdjk neúka fuh Pishing
attack fuu kñka y`ÿkajhs' • Watering hole phishing
jxpkslhska fuu by< m%N+jreka" Tjqkaf.a fuu j¾.fha phishing j,§" m%ydrlhd wm
iïnkaO;d iy úYajdiodhl m%Njhka mslsÍug" ixfõ§ f;dr;=re ,nd .ekSug" jHdc Bfï,a w;r wksIag uDÿldx. j,ska tu fjí wvú wdidokh
heùu i|yd udi .Kkla .; jk w;r" miqj jeo.;a lrhs' tuÕska wjYH ish¨ mqoa.,sl f;dr;=re fyda
o;a; iy uqo,a fidrlï lrhs' o;a; ,nd .kS'
• Vishing Phishing Attack u.ska wdrlaId ùug .; yels l%shd
ud¾.
fï jk f;la Bfï,a heùfuka pishing m%ydr
t,a, úh' kuq;a cx.u ÿrl:k b,lal lr myr§ï isÿ • fkdokakd fyda iel iys; ine¢ (Link)
lrk úg" th Vishing fyda Voice Phishing f,i ye¢kafõ' la,sla lsÍug fmr URL kej; mÍlaId lsÍu'
Vishing m%ydr j,§" jxpdlrejka cx.u ÿrl:kfhka • iel iys; Bfï,a fyda flá ine¢
wu;d úYajdi l< yels mßÈ wkkH;djhla f.dv újD; fkdlsÍu'
k.df.k mqoa.,sl f;dr;=re tla reia lr .kq ,nhs' • uqrmo ks;r fjkia lsÍu'
• Phishing Attack y÷kd .ekSu" k;r
Wod : Tjqka nexl= fiajlfhl= f,i fmkS lsÍu i|yd Tfí fiajlhska oekqj;a lsÍu iy
isáñka" nexl= .sKqï wxl" iajhxl%Sh fg,¾ hka;% wxl mqyqKq lsÍu'
fyda uqrmo ,nd .;a miq Tnf.a .sKqfuka uqo,a jxpd • wdrlaIs; wvúhlaoehs kej; mÍlaId
lrkq ,nhs' lrkak¦ tkï HTTPS iys; wvú
• kj;u m%;s ffjria uDÿldx." Anti-
• SmiShing Phishing uDÿldx. iy Anti-Phishing Toolbars
ia:dmkh lrkak'
SMS + Phishing = SmiShing. • Tn fkdokakd uDÿldx. lsisjla
Vishing fiau SmiShing m%ydrfha udÈ,sho cx.u ia:dmkh fkdlrkak'
ÿrl:k j,g iïnkaO fõ' fuys§ m%ydrlhd b,lal.; • Tfí iyc nqoaêh úYajdi lrkak'
mqoa.,hdg ine¢hla fyda flá m‚úvhla újD; • kj;u wdrlaIl mshjrhka iuÕ Tfí
lsÍug flá m‚úvhla hjhs' Tjqka jHdc m‚úvh moaO;s hdj;ald,Sk lrkak'
fyda weÕùï újD; l< miq" ffjrih fyda wksIag • ixfla;kh i|yd SSL wdrlaIdj
uDÿldx. laI‚lj cx.u ÿrl:kfhka nd.; fõ' fï Ndú;d lrkak'
wdldrfhka" Tfí uqo,a fidrlï lsÍug m%fhdackj;a jk • Phishing Attack iy jxpdjka APWG
mßÈ Tfí cx.u ÿrl:kfha .nvd lr we;s wfmalaIs; (Anti-Phishing Working Group& fj; jd¾;d
f;dr;=re m%ydrlhdg ,nd .; yelsh' lrkak'
• Clone phishing wka;¾Pd,h weiqfrks
Clone phishing hkq jxpkslhka úiska hï kdúl yuqod o;a; uOHia:dkh
úoHq;a ;emE,lg iudk yd mßmQ¾K úoHq;a ;emE,la kdúl yuqod uQ,ia:dkh
ks¾udKh lrñka tys kS;Hdkql+, fmkqfuka m%fhdack fld.kakd m%ydr j¾.hls'
• Domain spoofing • Search engine phishing
fuys§ m%ydrlhd úiska hï wdh;khl fyda fuh kj j¾.fha phishing m%ydr j¾.hla
iud.ul Domain tl jHdc f,i ilihs' tysoS jk w;r" jxpdldrhd wdl¾IŒh kuq;a jHdc
m%ydrhg ,la jk iud.fï tlu Domain kduhla ksIamdok" jHdc fhdackd l%u fyda jHdc §ukd j,ska
iys; B-;emE,la ,efnk neúka" th úYajdiodhl iukaú; fjí wvú u.ska mdßfNda.slhska wdl¾IKh
uQ,dY%j,ska ,efnk nj tu iud.ï úYajdi lÍu ;=,ska lr .kS' jHdc fmd,S fhdackd l%u i|yd jxpksl
fuu m%ydrhg f.dÿre fõ' nexl= iuÕ mjd Tjqka iu. ne£ isà'
• Whaling .kqfokqlrefjl= Tjqkaf.a msgqjg f.dia
Tjqkaf.a mqoa.,sl f;dr;=re ksIamdok ñ,§ .ekSug
wdh;khl fyda iud.ul úOdhl fY%a‚fha fyda fjk;a lghq;a;la i|yd f;dr;=re we;=<;a l<
mqoa.,hska b,lal lr m%ydrh t,a, lrk w;r" miq" tu f;dr;=re jxpdlrejka w;g m;a ùu u.ska
WodyrKhla f,i .;a l, fuu m%ydrfha b,lalh mdßfNda.slhdg úYd, ydkshla isÿúh yelsh'
uqyqfoa ;,auiqka ñi ud¿ fkdjk neúka fuh Pishing
attack fuu kñka y`ÿkajhs' • Watering hole phishing
jxpkslhska fuu by< m%N+jreka" Tjqkaf.a fuu j¾.fha phishing j,§" m%ydrlhd wm
iïnkaO;d iy úYajdiodhl m%Njhka ms
heùu i|yd udi .Kkla .; jk w;r" miqj jeo.;a lrhs' tuÕska wjYH ish¨ mqoa.,sl f;dr;=re fyda
o;a; iy uqo,a fidrlï lrhs' o;a; ,nd .kS'
• Vishing Phishing Attack u.ska wdrlaId ùug .; yels l%shd
ud¾.
fï jk f;la Bfï,a heùfuka pishing m%ydr
t,a, úh' kuq;a cx.u ÿrl:k b,lal lr myr§ï isÿ • fkdokakd fyda iel iys; ine¢ (Link)
lrk úg" th Vishing fyda Voice Phishing f,i ye¢kafõ' la,sla lsÍug fmr URL kej; mÍlaId lsÍu'
Vishing m%ydr j,§" jxpdlrejka cx.u ÿrl:kfhka • iel iys; Bfï,a fyda flá ine¢
wu;d úYajdi l< yels mßÈ wkkH;djhla f.dv újD; fkdlsÍu'
k.df.k mqoa.,sl f;dr;=re tla reia lr .kq ,nhs' • uqrmo ks;r fjkia lsÍu'
• Phishing Attack y÷kd .ekSu" k;r
Wod : Tjqka nexl= fiajlfhl= f,i fmkS lsÍu i|yd Tfí fiajlhska oekqj;a lsÍu iy
isáñka" nexl= .sKqï wxl" iajhxl%Sh fg,¾ hka;% wxl mqyqKq lsÍu'
fyda uqrmo ,nd .;a miq Tnf.a .sKqfuka uqo,a jxpd • wdrlaIs; wvúhlaoehs kej; mÍlaId
lrkq ,nhs' lrkak¦ tkï HTTPS iys; wvú
• kj;u m%;s ffjria uDÿldx." Anti-
• SmiShing Phishing uDÿldx. iy Anti-Phishing Toolbars
ia:dmkh lrkak'
SMS + Phishing = SmiShing. • Tn fkdokakd uDÿldx. lsisjla
Vishing fiau SmiShing m%ydrfha udÈ,sho cx.u ia:dmkh fkdlrkak'
ÿrl:k j,g iïnkaO fõ' fuys§ m%ydrlhd b,lal.; • Tfí iyc nqoaêh úYajdi lrkak'
mqoa.,hdg ine¢hla fyda flá m‚úvhla újD; • kj;u wdrlaIl mshjrhka iuÕ Tfí
lsÍug flá m‚úvhla hjhs' Tjqka jHdc m‚úvh moaO;s hdj;ald,Sk lrkak'
fyda weÕùï újD; l< miq" ffjrih fyda wksIag • ixfla;kh i|yd SSL wdrlaIdj
uDÿldx. laI‚lj cx.u ÿrl:kfhka nd.; fõ' fï Ndú;d lrkak'
wdldrfhka" Tfí uqo,a fidrlï lsÍug m%fhdackj;a jk • Phishing Attack iy jxpdjka APWG
mßÈ Tfí cx.u ÿrl:kfha .nvd lr we;s wfmalaIs; (Anti-Phishing Working Group& fj; jd¾;d
f;dr;=re m%ydrlhdg ,nd .; yelsh' lrkak'
• Clone phishing wka;¾Pd,h weiqfrks
Clone phishing hkq jxpkslhka úiska hï kdúl yuqod o;a; uOHia:dkh
úoHq;a ;emE,lg iudk yd mßmQ¾K úoHq;a ;emE,la kdúl yuqod uQ,ia:dkh
ks¾udKh lrñka tys kS;Hdkql+, fmkqfuka m%fhdack fld.kakd m%ydr j¾.hls'
