Phishing and Pharming: Dangerous Scams

As soon as almost all computer users already got used to -- or at least heard about -- the word "phishing", another somewhat confusing word appeared not long ago. Pharming. Does it differ from phishing -- and if yes, how?

Two Pharmings

Actually, two completely different fields use the term "pharming" now. We can say there exist two separate "pharmings".

If genetics or businessmen from pharmaceutical industry are talking about pharming (spelled like that) it might have nothing to do with computers. This word has long been familiar to genetic engineers. For them, it's a merger of "farming" and "pharmaceutical" and means the genetic engineering technique -- inserting extraneous genes into host animals or plants in order to make them produce some pharmaceutical product. Although it is a very interesting matter, this article is not about it.

As for PC users, the term "phishing" recently emerged to denote exploitation of a vulnerability in the DNS server software caused by malicious code. This code allows the cybercriminal who contaminated this PC with it to redirect traffic from one IP-address to the one he specified. In other words, a user who types in a URL goes to another web site, not the one he wanted to--and isn't supposed to notice the difference.

Usually such a website is disguised to look like a legitimate one -- of a bank or a credit card company. Sites of this kind are used solely to steal users' confidential information such as passwords, PIN numbers, SSNs and account numbers.

Dangerous Scams

A fake website that's what "traditional" phishing has in common with pharming. This scam can fool even an experienced computer user, and it makes pharming a grave threat. The danger here is that users don't click an email link to get to a counterfeit website.

Most people enter their personal information, unaware of possible fraud. Why should they suspect anything if they type the URL themselves, not following any links in a suspiciously-looking email? Unfortunately, "ordinary" phishers are also getting smarter. They eagerly learn; there is too much money involved to make criminals earnest students. At first phishing consisted only of a social engineering scam in which phishers spammed consumer e-mail accounts with letters ostensibly from banks. The more people got aware of the scam, the less spelling mistakes these messages contained, and the more fraudulent websites looked like legitimate ones.

Since about November 2004 there has been a lot of publications of a scheme which at first was seen as a new kind of phishing. This technique includes contaminating a PC with a Trojan horse program. The problem is that this Trojan contains a keylogger which lurks at the background until the user of the infected PC visits one of the specified websites. Then the keylogger comes to life to do what it was created for -- to steal information.

It seems that this technique is actually a separate scam aimed at stealing personal information and such attacks are on the rise. Security vendor Symantec warns about commercialisation of malware -- cybercriminals prefer cash to fun, so various kinds of information-stealing software are used more actively.

Spy Audit survey made by ISP Earthlink and Webroot Software also shows disturbing figures - 33.17% PCs contaminated with some program with information stealing capability.

However, more sophisticated identity theft attempts coexist with "old-fashioned" phishing scams. That is why users should not forget the advice which they all are likely to have learned by heart:

  • Never follow a link in an email, if it claims to be from a financial institution
  • Never open an attachment if the email is from somebody you don't know
  • Protect your PC from malware
  • Stay on the alert

Alexandra Gamanenko currently works at Raytown Corporation, LLC -- an independent software developing company that provides various solutions for information security.

The company's R&D department created an innovative technology, which disables information-stealing programs. Learn more -- visit the company's website http://www.anti-keyloggers.com

In The News:


Forbes

Building A Strong Foundation: How Network Architecture Dictates IT Security
Forbes
Although IT security has emerged as a high-profile, headline-grabbing issue, the concept of securing data has traditionally been secondary at best. Developers are typically focused on other elements, such as design and functionality. As a result ...

and more »

NPR

Equifax Confirms Another 'Security Incident'
NPR
After the revelation that a cybersecurity breach at the international credit reporting agency Equifax exposed personal information of 143 million people, the company has confirmed an additional security incident with a payroll-related service in the ...
Equifax says it had a security breach earlier in the yearABC News
Equifax acknowledges a second security 'incident' happened in MarchCNBC
Equifax Execs Resign; Security Head, Mauldin, Was Music MajorNBCNews.com
TechCrunch -CNNMoney -Bloomberg -Bloomberg
all 1,836 news articles »

USA TODAY

The Early Edition: September 21, 2017
Just Security
The U.N. Security Council backed reforms to its peacekeeping missions yesterday, Vice President Mike Pence stating that the U.N. must be more efficient and effective. Alexandra Olson reports at the AP. U.N. Secretary General António Guterres opened the ...
At UN, Trump's 'me first' doctrine abandons Truman's postwar 'security for all'USA TODAY
Remarks by President Trump at the Reforming the United Nations: Management, Security, and Development MeetingThe White House (blog)

all 4,361 news articles »

Forbes

Alphabet's Nest Goes After The Boring (But Big) Home Security System Market
Forbes
Alphabet-owned Nest has launched a full-on assault on the home security services market. At a press conference in San Francisco Wednesday morning, the smart gadget company announced its first full-fledged security system, Nest Secure. Nest Secure's ...
Nest's home security system costs $499 and comes with magnetic ...The Verge
Nest launches a new $349 smart outdoor security cameraTechCrunch
Alphabet's Nest introduces new home security devices as CEO promises big increase in salesCNBC
Phys.Org -Gizmodo -Business Insider -Nest
all 116 news articles »

Tunisia must live up to promises to end impunity for security forces at UN Human Rights Council
Amnesty International
The use of torture in custody and human rights violations committed in the name of security and counterterrorism will continue unabated unless Tunisia lives up to the commitments it has made today at the UN Human Rights Council in Geneva, said Amnesty ...

and more »

Engadget

Knightscope's new security bot looks like a mini concept car
Engadget
Robot maker Knightscope has been in the news lately for all the wrong reasons. Its K5 security robot took a look at the harsh world and chose to throw itself into a fountain. And a different K5 robot was attacked and knocked over by a drunk guy. But ...

and more »

PBS NewsHour

White House refutes Erdogan's claim that Trump apologized for charges against security guards
PBS NewsHour
The White House on Wednesday refuted Turkish President Recep Tayyip Erdogan's claim that President Donald Trump apologized to him after the Department of Justice filed charges against members of Erdogan's security detail following a clash outside of ...
Turkish president: Trump apologized for indictment of security staff in brawlThe Guardian

all 221 news articles »

Washington Post

UC system will chip in at least $300000 to help Berkeley pay security costs for controversial speakers
Los Angeles Times
The University of California will chip in at least $300,000 to help UC Berkeley pay security costs for controversial speakers, an unprecedented step as criticism mounts over the financial toll the events are taking on the campus. “Free speech is not ...
UC President to Pay Half of Security Costs for Shapiro, YiannopoulosInside Higher Ed
'Substantial cost': University of California foots major security bill for free speechWashington Post

all 36 news articles »

National Review

For National Security!
National Review
Call it Cooke's Rule: Those losing the argument over a given domestic policy will eventually cry “necessity.” This morning, Matthew Olsen and Benjamin Hass provide a good example, arguing in Politico that “the Electoral College is a national security ...

and more »

10TV

Security robots used to help fight crime
10TV
The security bots use the same technology used at TSA security checkpoints to determine the size and shape of weapons. Creators are also working on audio detection to help security locate the scene of a crime. “The opposite of voice recognition, can ...

Google News

Top Five Spyware Fighting Tips

Spyware and adware are becoming major problems for online surfers... Read More

Spy Scanners ? Don?t Compromise your Privacy

Spies, spyware, internet parasites are among what they are usually... Read More

Lets Talk About Antivirus Software!

Nowadays more and more people are using a computer. A... Read More

Protecting Your Identity On The Internet

Afraid that someone is monitoring your PC or installed a... Read More

Sarbanes-Oxley: A Cross-Industry Email Compliance Challenge

Is your enterprise following the rules?The bulk of financial information... Read More

Identity Theft Offline -- So Many Possibilities

Chris Simpson, head of Scotland Yard's computer crime unit was... Read More

An Open Letter From a So-called Stupid

Someone recently told me, "You would have to be a... Read More

Click Here To Defeat Evil

Microsoft routinely releases new security updates, many of which are... Read More

Top Spyware Removers Considerations

Only the top spyware removers are successful at detecting and... Read More

Consumers: Shop Online and Get Information Safely

Do you really have to know how feeds work? Not... Read More

Is Your Music Player Spying On You?

In today's times spyware is a very serious issue and... Read More

The Top Twelve Threats No Computer User Should Ignore

The internet is undoubtedly a fantastic resource for families and... Read More

Burning Bridges is Bad, But Firewalls are Good

When you signed up for that ultra-fast DSL or Cable... Read More

8 Surefire Ways to Spot an EBAY Scam E-Mail and Protect Yourself from Identity Theft

Ebay is a great site and is used by many... Read More

Viruses, Trojans, and Spyware - Oh My!

Have you ever had to call Symantec or McAfee to... Read More

All About Computer Viruses

Your computer is as slow as molasses. Your mouse freezes... Read More

Three-pronged Trojan Attack Threatens Security on the Internet

Glieder (Win32.Glieder.AK), Fantibag (Win32.Fantibag.A) and Mitglieder (Win32.Mitglieder.CT) are not names... Read More

Secure Your PC From Hackers, Viruses, and Trojans

Viruses, Trojans and Spyware: Protecting yourself.No user on the internet... Read More

Phishing - Identity Theft & Credit Card Fraud

What is Phishing? Phishing is a relatively newly coined term... Read More

Types Of Computer Infections

Computer infections can be broken up into 4 main categories... Read More

What Can Be Done About Spyware And Adware

Having a good Spyware eliminator on your computer is vital... Read More

Online Shoppers, Beware of a New Scam

Beware of a New Scam Aimed at Bargain-HuntersTrying to buy... Read More

Phishing and Pharming: Dangerous Scams

As soon as almost all computer users already got used... Read More

Traditional Antivirus Programs Useless Against New Unidentified Viruses!

Every now and then you can read about a new... Read More

Viruses and Worms: The Problems and Their Solutions

History and BackgroundThe virus was one of the first ever... Read More