• News
  • Updates
  • Information About Phishing

Information About Phishing

Posted on June 17th, 2016

Advisory/Warning

Industrial development, in particular the use of Information Technology Internet Services in Indonesia over the years, has experienced significant growth, but this growth was not followed by the education of the security system in the use of Internet services. It is evident from the user at least not be a victim of abuse of Internet Services in Indonesia, in general acts of abuse or fraud due to the ignorance of the victim and the opportunity to implement a security system using Internet services. Security system in question is prudence, vigilance, rigor and openness of the Internet services that must be owned and known by users. Because the cyber world is a world without borders, there is no space and time. Perpetrators may originate from any country, because they see gaps or opportunities to carry out acts of evil in the world of cyber space. One example of cyber crime in the world that are rife in the Society is "phishing", which is an act of deception to obtain a confidential information in the form of data, emails, account (customer id and username and password) in a Service Provider or Agencies which provides the account registers, in a way that unauthorized or unlawful.

Definition of Phishing

"Phishing" is a term that has the basic meaning "fishing", where The criminals tried to "lure" the victim, by performing, displaying, and providing an interface by uploading sites or Uniform Resource Locator ( "URL") that are similar to the original. Or as if provided by the service provider or the relevant agencies as well as direct and convince potential victims to access or click links that directly connect to the fake sites that belong to the Perpetrators. The aim is to get some information, among others, username id, customer id, email, password in an email or a register account, so that all the confidential information that is required to access victim’s email or a register account of is obtained by the Perpetrators. Long story short, phishing is the act of obtaining personal information such as user ID, email, password someone illegally through fake emails sent to potential victims. This information will then be used by the fraudsters to access your email and fraud, business transactions, etc.

What is the risks which obtained from Phishing emails?

In accordance with the definition of "Phishing" therefore the loss suffered by the victims in general is the use of activity of victim’s email or register account that is registered in the service provider or the relevant agencies, and in particular the loss that will be experienced by the victim is if the email or the register account that has material and non-material value. Material value will cause the loss of the property belonging to the victim, while the non-material value will have an impact on the integrity inherent in the personal lives of victims, therefore, very important for the owner of an email or a register account to better understand and implement security systems to access or use Internet services in the life daily.

And one example is when a perpetrator was aware of Confidential Information relating to the activation of victim’s email or register account, and moreover, email or account of these registers is a medium of communication in business transactions between the victim with his business partner. It will be very easy for the offender to instruct or directing business associates of victims in order to make transactions by sending money to an account that has been designated by the Perpetrators.

One risk of phishing email is a loss in business transactions. You could lose money or business because your email has been hijacked by fraudsters.

How do I know about Phishing emails?

Phishing can be prevented by knowing and getting to know the system works, coupled with prudence and thoroughness of the user and hopefully we will not get stuck or become victims of crime, especially in the activation of the use of phishing emails that we have. In general, the content of phishing emails asking for confirmation of a username and password by directing or convincing the victim to click the link provided in the email or the website or ask for usernames and passwords by replying to phishing email. Please take note that CBN has never asked for CBN user’s password or email id username through email.

What should I do if my email has been hijacked?

Please Immediately reset the password of your email via CBN webmail (https://webmail.cbn.net.id) or contact CBN Call Center.

How do I report a phishing email?

To report a phishing email, please forward the email content to support@cbn.net.id.

Does Phishing happen only via emails?

The forms of phishing are varied, but the most common one is taking a form of fake websites and fake emails. A fake website is a website that is designed as such, in order to resemble the original website. For those web surfers who are not careful, they may get tricked into a fake website and may be providing their personal data.