Pharming is New Phishing
|
Phishing is the modern way to defraud people! Well, Phishing is just so 2004. The new security threat is now "PHARMING"! Or so you would think. Phishing is a scam involving social engineering to obtain personal details such as passwords and other confidential information. Classically, a spam email, purportedly from a bank will arrive. The message will request that the victim, click on a URL which takes them to a fake website. There the victim is prompted to enter the confidential information, which can then be used to get money from his account. There is one flaw in the method for the bad guys. Namely the victim has to click on a URL on a dodgy looking email. The UK banks on every ATM, letter and website tell customers they will not request such information by email or letter. Hence customers are very aware. Pharming does not use fancy code or heavy threats of violence. Instead it uses those trusty standbys, weak browser securit, weaknesses in the administration of the Internet, peoples trust and innocence. Essentially the bad guys hijack domains or DNS poisoning to redirect people to the fake sites. An example was when the DNS information for the Al-Jazeera website was changed, so visitors were redirected to an American site saying "Owned by USA". "Pharming is a next generation phishing attack", according to Scott Chasin, CTO of MX Logic told Government Computer News. Pharming is not rocket science for someone who understands the DNS system. As Mr Chasin says, only improved browser security and strengthening the DNS system will prove strong enough security. Examples include stopping address spoofing or enforcing certification more strongly.
|
Related Articles
Similar Areas Selected Books Keywords
|