Contact us

[ return to list ]

Alert to Personal Computer Users: Pharming Reaps Data for Criminals

Have you been recently warned about "phishing"? Now there's another method of identification (ID) theft infiltrating desktops called "pharming." This latest innovation may be even more insidious than its predecessor.

First, let's explain how phishing works. Typically, you receive an e-mail appearing to come from a financial services company or other firm. The e-mail asks you to update your account information or verify existing records by providing credit card numbers, user names, passwords and the like. Not only does the e-mail look identical to comparable messages from the actual source, the web site it links to is an exact replication. After the crooks obtain the information through this fraud, they sell it or use it for criminal purposes.

Pharming is a more sophisticated version of this scam. With pharming, the Domain Name Servers-the giant machines that turn Internet names into real addresses-allow a hacker to acquire the domain name for a web site and redirect that site's traffic to a different web site. If the web site receiving the traffic is a fake web site, such as a copy of a bank's web site, it can be used to "phish" or steal the personal computer (PC) user's information.

In other words, you won't even be aware that your information has been lifted. As far as your computer is concerned, everything is working fine and you really are talking to the web site you thought you had accessed. Even worse, the pharming attack can redirect all of your traffic to this site-your e-mail, transactions, etc.-to the criminal's computer.

What can you do against pharming attacks? In addition to running an up-to-date antivirus program and maintaining a firewall, a little knowledge can go a long way.

Most financial sites run on secure servers (i.e., there's a closed lock icon on the bottom of your Internet browser). The https prefix indicates a secure server. By keying it in, you force the browser to go only to an SSL (Secure Sockets Layer)-enabled version of the web site. If the site has been hijacked, your browser should issue a pop-up box alerting you that the site SSL certificate does not match the URL you typed. At that point, log off and abort your attempt to visit the hijacked site. Use the telephone to call and alert the financial company.

Secure sites must have a digital certificate issued by a trusted third party source such as VeriSign or Thawte. Your web browser can be set to properly validate SSL certificates.

Reminder: Being forewarned is being forearmed. You can ward off pharming stacks by taking these precautions. Consult with a PC expert for more details.

return to list ]




	[ return to list ] Alert to Personal Computer Users: Pharming Reaps Data for Criminals Have you been recently warned about "phishing"? Now there's another method of identification (ID) theft infiltrating desktops called "pharming." This latest innovation may be even more insidious than its predecessor. First, let's explain how phishing works. Typically, you receive an e-mail appearing to come from a financial services company or other firm. The e-mail asks you to update your account information or verify existing records by providing credit card numbers, user names, passwords and the like. Not only does the e-mail look identical to comparable messages from the actual source, the web site it links to is an exact replication. After the crooks obtain the information through this fraud, they sell it or use it for criminal purposes. Pharming is a more sophisticated version of this scam. With pharming, the Domain Name Servers-the giant machines that turn Internet names into real addresses-allow a hacker to acquire the domain name for a web site and redirect that site's traffic to a different web site. If the web site receiving the traffic is a fake web site, such as a copy of a bank's web site, it can be used to "phish" or steal the personal computer (PC) user's information. In other words, you won't even be aware that your information has been lifted. As far as your computer is concerned, everything is working fine and you really are talking to the web site you thought you had accessed. Even worse, the pharming attack can redirect all of your traffic to this site-your e-mail, transactions, etc.-to the criminal's computer. What can you do against pharming attacks? In addition to running an up-to-date antivirus program and maintaining a firewall, a little knowledge can go a long way. Most financial sites run on secure servers (i.e., there's a closed lock icon on the bottom of your Internet browser). The https prefix indicates a secure server. By keying it in, you force the browser to go only to an SSL (Secure Sockets Layer)-enabled version of the web site. If the site has been hijacked, your browser should issue a pop-up box alerting you that the site SSL certificate does not match the URL you typed. At that point, log off and abort your attempt to visit the hijacked site. Use the telephone to call and alert the financial company. Secure sites must have a digital certificate issued by a trusted third party source such as VeriSign or Thawte. Your web browser can be set to properly validate SSL certificates. Reminder: Being forewarned is being forearmed. You can ward off pharming stacks by taking these precautions. Consult with a PC expert for more details. return to list ]
2423-B Plantation Center Drive, Suite B, Matthews NC 28105 Fax:704-845-0928 © Copyright 2004 Desai & Desai, LLP