Deprecated: mysql_connect(): The mysql extension is deprecated and will be removed in the future: use mysqli or PDO instead in /home/a26f9f83/public_html/articles/includes/config.php on line 159
Phishing and Pharming: Dangerous Scams > NetSparsh - Viral Content you Love & Share

Phishing and Pharming: Dangerous Scams

As soon as almost all computer users already got used to -- or at least heard about -- the word "phishing", another somewhat confusing word appeared not long ago. Pharming. Does it differ from phishing -- and if yes, how?

Two Pharmings

Actually, two completely different fields use the term "pharming" now. We can say there exist two separate "pharmings".

If genetics or businessmen from pharmaceutical industry are talking about pharming (spelled like that) it might have nothing to do with computers. This word has long been familiar to genetic engineers. For them, it's a merger of "farming" and "pharmaceutical" and means the genetic engineering technique -- inserting extraneous genes into host animals or plants in order to make them produce some pharmaceutical product. Although it is a very interesting matter, this article is not about it.

As for PC users, the term "phishing" recently emerged to denote exploitation of a vulnerability in the DNS server software caused by malicious code. This code allows the cybercriminal who contaminated this PC with it to redirect traffic from one IP-address to the one he specified. In other words, a user who types in a URL goes to another web site, not the one he wanted to--and isn't supposed to notice the difference.

Usually such a website is disguised to look like a legitimate one -- of a bank or a credit card company. Sites of this kind are used solely to steal users' confidential information such as passwords, PIN numbers, SSNs and account numbers.

Dangerous Scams

A fake website that's what "traditional" phishing has in common with pharming. This scam can fool even an experienced computer user, and it makes pharming a grave threat. The danger here is that users don't click an email link to get to a counterfeit website.

Most people enter their personal information, unaware of possible fraud. Why should they suspect anything if they type the URL themselves, not following any links in a suspiciously-looking email? Unfortunately, "ordinary" phishers are also getting smarter. They eagerly learn; there is too much money involved to make criminals earnest students. At first phishing consisted only of a social engineering scam in which phishers spammed consumer e-mail accounts with letters ostensibly from banks. The more people got aware of the scam, the less spelling mistakes these messages contained, and the more fraudulent websites looked like legitimate ones.

Since about November 2004 there has been a lot of publications of a scheme which at first was seen as a new kind of phishing. This technique includes contaminating a PC with a Trojan horse program. The problem is that this Trojan contains a keylogger which lurks at the background until the user of the infected PC visits one of the specified websites. Then the keylogger comes to life to do what it was created for -- to steal information.

It seems that this technique is actually a separate scam aimed at stealing personal information and such attacks are on the rise. Security vendor Symantec warns about commercialisation of malware -- cybercriminals prefer cash to fun, so various kinds of information-stealing software are used more actively.

Spy Audit survey made by ISP Earthlink and Webroot Software also shows disturbing figures - 33.17% PCs contaminated with some program with information stealing capability.

However, more sophisticated identity theft attempts coexist with "old-fashioned" phishing scams. That is why users should not forget the advice which they all are likely to have learned by heart:

  • Never follow a link in an email, if it claims to be from a financial institution
  • Never open an attachment if the email is from somebody you don't know
  • Protect your PC from malware
  • Stay on the alert

Alexandra Gamanenko currently works at Raytown Corporation, LLC -- an independent software developing company that provides various solutions for information security.

The company's R&D department created an innovative technology, which disables information-stealing programs. Learn more -- visit the company's website http://www.anti-keyloggers.com

In The News:

This RSS feed URL is deprecated, please update. New URLs can be found in the footers at https://news.google.com/news

USA TODAY

Amid outrage, Homeland Security chief Kirstjen Nielsen 'will not apologize' for separating families
USA TODAY
Border agents watch as protesters on the Mexico side of the border demonstrate against policies of President Trump while Homeland Security Secretary Kirstjen Nielsen tours a border fence construction site on April 18, 2018 in Calexico, Calif. (Photo ...
Homeland Security chief slams 'irresponsible' reports on separation ...ABC News
Homeland Security chief defends separating families at borderNew York Post
Here's a Dishonest Tweet from Secretary of Homeland Security Kirstjen Nielsen and Also Five LimericksSlate Magazine
The Hill -VICE News -New York Daily News -Twitter
all 352 news articles »

3 Tips for Driving User Buy-in to Security Policies
Dark Reading
That's why teaching users why it's important to commit to security policies and controls is a far more effective strategy than simply demanding that they follow them. For example, relaxing rules, gamifying education and testing, or simply explaining ...


NPR

Bureaucracy And Politics Slow Election Security Funding To States
NPR
When Congress approved giving $380 million to states to bolster the security of their elections, state officials were caught off guard but extremely grateful. Elections are notoriously underfunded and haven't seen a windfall like this from the federal ...


ZDNet

Lack of collaboration, disclosure affecting APAC security posture
ZDNet
Businesses in Asia-Pacific still are not exchanging enough information and disclosing breaches in a timely fashion. In fact, threat actors are "out-evolving" the industry not necessarily because they are smarter, but because they are collaborating more ...


Homeland Security Secretary Nielsen Defends 'Zero Tolerance' Border Policy
NPR
Homeland Security Secretary Kirstjen Nielsen addresses the Trump administration's "zero tolerance" policy that is separating families who cross the border illegally. Facebook; Twitter; Flipboard; Email ...


TechCrunch

Email security startup Tessian raises $13M led by Balderton and Accel
TechCrunch
Tessian (formerly called CheckRecipient), the London-based startup deploying machine learning to improve email security, has raised $13 million in Series A funding. Leading the round is Balderton Capital, and existing backer Accel. A number of previous ...

and more »

Reuters

Huawei to Australia: We're not a security risk for 5G
CNNMoney
Australian wireless carriers will soon need to hire companies to build new superfast mobile networks. But Huawei faces opposition from Australian national security agencies, according to reports last week from outlets including the Australian Financial ...
China's Huawei rebuts Australian security concerns amid Sino-Canberra tensionsReuters
Huawei rejects Australia security concernsBBC News
US warns Malcolm Turnbull not to use Huawei for 5G networkThe Australian Financial Review
The Australian Financial Review -The Strategist -Huawei Australia Hub
all 151 news articles »

Chron.com

Cyber security rules needed for pipelines: FERC commissioners
Chron.com
Although FERC has the authority to issue certificates for new interstate gas pipelines and set their rates, the Commission does not have responsibility for pipeline security. That charge falls to the Transportation Security Administration, the same ...


TechCrunch

F-Secure to buy cyber security firm MWR
Reuters
HELSINKI, June 18 (Reuters) - Data security company F-Secure said on Monday it had agreed to acquire Britain-based MWR InfoSecurity for 80 million pounds ($106 million) in cash to widen its range of cyber security services. The Finnish company, which ...
F-Secure to buy MWR InfoSecurity for ~$106M+ to offer better threat huntingTechCrunch
F-Secure acquires MWR InfoSecurityHelp Net Security

all 27 news articles »

Just Security

Just Security Authors and Yemeni Human Rights Leaders Detained by Saudi-Led Forces on Travel to Humanitarian ...
Just Security
They have also authored numerous posts on Just Security, including about a letter Mwatana sent to U.S. business leaders regarding Saudi abuses, the need for an international inquiry into abuses in Yemen, and about flaws in U.S. investigation processes.

Google News

Internet Scams: Dont be a Victim

As the number of people using the Internet as an... Read More

Protecting Your Children On The Internet

If you are a parent, as am I, I think... Read More

File Sharing - What You Need to Know!

File sharing on p2p is soaring despite the music and... Read More

Road Warrior At Risk: The Dangers Of Ad-Hoc Wireless Networking

Airport Menace: The Wireless Peeping Tom ---------------------------------------- As a network... Read More

3 Steps to Ending Scams and Virus Problems

Watching how the traditional media covers the latest virus or... Read More

Is Adware - Spyware Putting Your Privacy at Risk

Do you sometimes notice your computer running slower. Is your... Read More

Corporate Security for Your Home Business

The words Corporate Security may conjure up images of a... Read More

Phishing, Fraudulent, and Malicious Websites

Whether we like it or not, we are all living... Read More

Top 10 tips for Safe Internet Shopping

Over £5 billion pounds was spent on online shopping in... Read More

Phishing - Learn To Identify It

Phishing: (fish'ing) (n.)This is when someone sends you an email... Read More

Click Here To Defeat Evil

Microsoft routinely releases new security updates, many of which are... Read More

How to Fight Spyware

If you are wondering how to fight spyware for safe... Read More

Computer Security

What is computer security? Computer security is the process of... Read More

Protect Your Little Black Book

The movie Little Black Book features a young woman, Stacy,... Read More

DOS Attacks: Instigation and Mitigation

During the release of a new software product specialized to... Read More

Why Malicious Programs Spread So Quickly?

It seems that nowadays cybercriminals prefer cash to fun. That... Read More

Everything You Need To Know About Spyware and Malware

You are at your computer, checking out software on EBay.... Read More

Spy Scanners ? Don?t Compromise your Privacy

Spies, spyware, internet parasites are among what they are usually... Read More

Identity Theft Article ? A Phisher Is Trying To Steal Your Identity!

Sooner or later everyone with an email account will receive... Read More

Email Scams ? Ten Simple Steps To Avoiding Them

According to the Anti-Phishing Working Group (APWG) email scams also... Read More

Breaking Into Your PC: News...

You'd better learn news from media, not from emails, security... Read More

Social Engineering - The Real E-Terrorism?

One evening, during the graveyard shift, an AOL technical support... Read More

Anti-Spyware Protection: Behind How-To Tips

There is no doubt that "how-to articles" have become a... Read More

How to Know Whether an Email is a Fake or Not

A few nights ago I received an email from "2CO"... Read More

Virus and Adware - Fix them Both!

We all get the odd virus now and then, but... Read More