IT Security Blog

  • Home
  • About IT Security Blog
  • IT Security Basics
  • Real-World Issues
  • Network Security
  • News
  • Malware
  • Tips
  • Spyware

How pharming works

15 September 2006 By Saran

e-bay splash page
Though we’ve recently covered a few scams about phishing and e-mail, some swindlers have graduated from targeting victims one-by-one to a large-scale scam called pharming. Pharming can reel in potentially millions of unwitting victims to their schemes without anyone realizing it.

Pharmers divert as many users as they can from legitimate commercial sites to malicious ones. These sites look exactly like the genuine site, but when users sign in with their log-in names and their passwords, this information is taken by criminals. Once they have these, they can access your account information and take credit and bank account numbers for their own nefarious use. Pharming are often targeted o auction and banking sites where financial rewards are great.

The most alarming pharming threat involves something called DNS poisoning. All the hosts in the internet are identified by numbered strings called IP addresses, and computers identify different sites using these. Because it’s difficult to remember a string of 32 numbers, the Domain Name System or DNS translates these addresses to a string of text that will serve as its directory entry. A DNS directory gets poisoned when it’s altered to hold false information leading to the bogus site. Typing in the site URL serves as no guarantee, because you will still be taken to the fake site. Even savvy net users can be caught by this technique.

Site users can protect themselves by logging onto their sites using a secure (https://) connection. If you’re suspicious, you can also check your commercial site’s security certificates to see if they are real. Some sites like yahoo offer various authentication methods such as personalized seals on their mail service page, so you can identify the real site from the fake ones.

Filed Under: IT Security Basics, Privacy & Anonymity, Real-World Issues Tagged With: IT Security Basics, Privacy-&-Anonymity, Real-World Issues

Categories

  • Backups
  • Cryptography
  • E-mail
  • Firefox
  • General
  • Google Chrome
  • IM
  • Instant Messaging
  • IT Security Basics
  • Malware
  • Network Security
  • News
  • Operating Systems
  • Physical Security
  • Privacy & Anonymity
  • Programming
  • Real-World Issues
  • Review
  • Security Policies
  • Spyware
  • Storage
  • Tips
  • Web browsers
  • Wireless Security