Monday, March 28, 2005

First ‘phishing’, now ‘pharming’

The new terms just keep on coming in the Internet age. Regrettably, most of these latest terms nowadays refer to a form of fraud!

First we had 'phishing' which is when online thieves try to steal your personal information which they can profit from like credit card or bank account numbers; so, they would basically be fishing for info that's not theirs, hence the name.

Now, things just got a worse with 'pharming'. It’s pronounced like the word 'farming', and its more dangerous than phishing.

The 'technical definition' of pharming says that it's a case of a "DNS cache hack invisibly redirecting victims to spoofed web sites."This means a Trojan or a virus finds its way into your PC, then is activated once you're connected to the Internet, taking to you to a fake site of a bank or financial organization, which will ask you for your credit card or bank account numbers.

Whereas in phishing you receive a fake email that asks you to visit a fake site, pharming will take you to the site directly, and is dangerous because it may use information gained from your browsing habits to figure out your real bank, then send you to a replica website, that looks and works exactly like it, and steal your money!

This is achieved by matching domain names with IP addresses at web hosts, and the redirection is triggered by the Trojan in your system!

Quite smart, and very worrying as Trojan change their characteristics fast, enabling them to exploit ‘holes’ and vulnerabilities in Windows and even in firewalls protecting those systems, with Symantec admitting it has found such vulnerabilities recently.The key to the success of pharming is cleaning up the local DNS servers, most of which are in the US, but connected to the whole world!

For example, a group of local DNS servers have been discovered recently which send requests for Google.com, eBay.com and Weather.com to three hacker sites (7sir7.com, 123xxl.com and abx4.com) that attempted to install spyware on visitors' computers.So far, the success rate of pharming, also being called DNS poisoning, is rare; but sometimes it’s enough to just poison the cache memory of DNS servers, even for a limited time, to get the re-direction going.

So, at the moment, security experts are sounding the alarm about this rising danger, which can be stopped by server and IT staff, but it’s crucial that end users are educated enough not to fall for ‘spoof tactics’ they will be exposed to while surfing the web.

The Internet, regrettably, is becoming a dangerous place. Like any city, their are neighborhoods you shouldn’t go to. The ones that look familiar, could be the most the most dangerous. Vigilance is required. So add another new threat to your list of viruses, trojans and Internet scams to watch out for.

zeid@maktoob.com

0 Comments:

Post a Comment

Subscribe to Post Comments [Atom]

<< Home