Phishing and Pharming: Dangerous Scams

As soon as almost all computer users already got used to -- or at least heard about -- the word "phishing", another somewhat confusing word appeared not long ago. Pharming. Does it differ from phishing -- and if yes, how?

Two Pharmings

Actually, two completely different fields use the term "pharming" now. We can say there exist two separate "pharmings".

If genetics or businessmen from pharmaceutical industry are talking about pharming (spelled like that) it might have nothing to do with computers. This word has long been familiar to genetic engineers. For them, it's a merger of "farming" and "pharmaceutical" and means the genetic engineering technique -- inserting extraneous genes into host animals or plants in order to make them produce some pharmaceutical product. Although it is a very interesting matter, this article is not about it.

As for PC users, the term "phishing" recently emerged to denote exploitation of a vulnerability in the DNS server software caused by malicious code. This code allows the cybercriminal who contaminated this PC with it to redirect traffic from one IP-address to the one he specified. In other words, a user who types in a URL goes to another web site, not the one he wanted to--and isn't supposed to notice the difference.

Usually such a website is disguised to look like a legitimate one -- of a bank or a credit card company. Sites of this kind are used solely to steal users' confidential information such as passwords, PIN numbers, SSNs and account numbers.

Dangerous Scams

A fake website that's what "traditional" phishing has in common with pharming. This scam can fool even an experienced computer user, and it makes pharming a grave threat. The danger here is that users don't click an email link to get to a counterfeit website.

Most people enter their personal information, unaware of possible fraud. Why should they suspect anything if they type the URL themselves, not following any links in a suspiciously-looking email? Unfortunately, "ordinary" phishers are also getting smarter. They eagerly learn; there is too much money involved to make criminals earnest students. At first phishing consisted only of a social engineering scam in which phishers spammed consumer e-mail accounts with letters ostensibly from banks. The more people got aware of the scam, the less spelling mistakes these messages contained, and the more fraudulent websites looked like legitimate ones.

Since about November 2004 there has been a lot of publications of a scheme which at first was seen as a new kind of phishing. This technique includes contaminating a PC with a Trojan horse program. The problem is that this Trojan contains a keylogger which lurks at the background until the user of the infected PC visits one of the specified websites. Then the keylogger comes to life to do what it was created for -- to steal information.

It seems that this technique is actually a separate scam aimed at stealing personal information and such attacks are on the rise. Security vendor Symantec warns about commercialisation of malware -- cybercriminals prefer cash to fun, so various kinds of information-stealing software are used more actively.

Spy Audit survey made by ISP Earthlink and Webroot Software also shows disturbing figures - 33.17% PCs contaminated with some program with information stealing capability.

However, more sophisticated identity theft attempts coexist with "old-fashioned" phishing scams. That is why users should not forget the advice which they all are likely to have learned by heart:

  • Never follow a link in an email, if it claims to be from a financial institution
  • Never open an attachment if the email is from somebody you don't know
  • Protect your PC from malware
  • Stay on the alert

Alexandra Gamanenko currently works at Raytown Corporation, LLC -- an independent software developing company that provides various solutions for information security.

The company's R&D department created an innovative technology, which disables information-stealing programs. Learn more -- visit the company's website http://www.anti-keyloggers.com

In The News:

This RSS feed URL is deprecated, please update. New URLs can be found in the footers at https://news.google.com/news

TechCrunch

In the NYC enterprise startup scene, security is job one
TechCrunch
While most people probably would not think of New York as a hotbed for enterprise startups of any kind, it is actually quite active. When you stop to consider that the world's biggest banks and financial services companies are located there, it would ...

and more »

WIRED

Xbox Hacking, LinkedIn Bugs, and More Security News This Week ...
WIRED
If you haven't read this month's WIRED cover story about teen hackers who went too deep into Microsoft Xbox's systems, make that your first stop. In more current news, the White House sent mixed messages on cybersecurity policy this week, calling out ...

and more »

The US- China Face-off: Is It About Trade? Or National Security?
Fortune
In theory, the U.S. Commerce Department's move earlier this week to slap a seven-year ban on the sale of American products to ZTE Corp., China's second-largest telecommunications equipment manufacturer, was all about national security and had nothing ...

and more »

Fortune

Twitter Bans Ads from Russian Computer Security Company Kaspersky Lab
Fortune
Twitter has banned ads on its service from Russian security software maker Kaspersky Lab, after the U.S. government prohibited agencies from using its products because of alleged ties to the Russian government. The ban, confirmed by Twitter to Reuters ...
Twitter banned Russian security firm Kaspersky Lab from buying adsTechCrunch
Kaspersky banned from advertising on Twitter over security fearsTelegraph.co.uk
Twitter Ads policies - Twitter for BusinessTwitter for Business
Reuters -Homeland Security -Ars Technica -Kaspersky Lab
all 44 news articles »

TMZ

Rapper Belly Wailed On by Coachella Guards ... Crazy Vid During The Weeknd's Set!!
TMZ
Belly was the recipient of several flying fists from security guards during The Weeknd's performance at Coachella ... even though the rapper performed at the fest earlier in the night. Belly -- who actually has a hit song with The Weeknd -- was in a ...

and more »

Fox News

Mary Berry discusses airport arrest after security mistook her flour for ...
Fox News
Unsurprisingly, her sense of humor got her through the ordeal.

and more »

CryptoSlate

Crypto Trade Group Pressures SEC to Exempt Ethereum From ...
CryptoSlate
An alliance of lawyers, venture capitalists, and entrepreneurs have recently met with the US Securities and Exchange Commission to petition for the creation of cryptocurrency “safe harbors” for specific cryptocurrencies and tokens, including Ethereum ...
US Regulators Asked Not to Classify Ethereum as a Security: NYT ReportCCN
Major VC Firm Asked SEC to Not Categorize Cryptocurrency as SecuritynewsBTC
Venture Capitalists Seek 'Safe Harbor' for Virtual CurrenciesNew York Times

all 24 news articles »

Newsday

LI school districts weigh adding security, programs vs. cutting taxes ...
Newsday
Surveys of Long Island school districts' proposed 2018-19 budgets confirm that taxes are increasing at a greater pace, with much of the extra money earmarked for security guards and other safety measures. A Newsday sampling of district spending plans ...

and more »
Google News

What to Look for before You Purchase Spyware Software

Huge number of spyware software applications are available in the... Read More

The Top Twelve Threats No Computer User Should Ignore

The internet is undoubtedly a fantastic resource for families and... Read More

Secure Your PC From Hackers, Viruses, and Trojans

Viruses, Trojans and Spyware: Protecting yourself.No user on the internet... Read More

Don?t Become An Identity Fraud Statistic!

"You've just won a fabulous vacation or prize package! Now,... Read More

Hacked: Who Else Is Using Your Computer?

A friend called me one day and asked if I... Read More

Personal Firewalls - Secure Your Computer

There has not been a time in the history of... Read More

Its War I Tell You!

There are ways to insure security though. You can get... Read More

Identity Theft -- 10 Simple Ways to Protect Your Good Name!

Identity Theft is one of the most serious problems facing... Read More

How Did This Happen to Me? Top 10 Ways to Get Spyware or Viruses on Your Computer

If you use the internet, you have probably been infected... Read More

Click Here To Defeat Evil

Microsoft routinely releases new security updates, many of which are... Read More

Steganography ? The Art Of Deception & Concealment

The Message Must Get Through ----------------------------- The year is 300A.D.,... Read More

Viruses and Worms: The Problems and Their Solutions

History and BackgroundThe virus was one of the first ever... Read More

Why you Must Secure your Digital Product and Thank You Web Page

A couple of years back, I paid my dues the... Read More

Everything You Need To Know About Spyware and Malware

You are at your computer, checking out software on EBay.... Read More

Wireless Network Security

Working from home has its advantages, including no commute, a... Read More

An Open Letter From a So-called Stupid

Someone recently told me, "You would have to be a... Read More

Consumers: Shop Online and Get Information Safely

Do you really have to know how feeds work? Not... Read More

7 Ways to Spot a PayPal Scam E-Mail

Paypal is a great site and is used by many... Read More

What is Hacking? Are You a Hacker?

WHAT IS HACKING?Hacking, sometimes known as "computer crime" has only... Read More

Information Security for E-businessmen: Just a Couple of Ideas

If you constantly deal with bank or electronic accounts, it... Read More

How to Protect Yourself from Viruses, Spyware, Adware, and Other Nuisances

Spyware/adware is a new major concern for PC users everywhere.... Read More

Virus Nightmare..Lessons Learned

I got a virus the other day, Thursday I believe... Read More

Internet Privacy

Over the past few years as the internet has become... Read More

Free Antivirus Security Software: Download Now to Eliminate Spyware, Pop Up Ads, etc.

Adware. Spyware. Pesky pop up ads. Internet congestion. Computer malfunctions... Read More

Another Fine Mess!

I'm in the Anti-Spyware business, and I'm doing a lot... Read More