No F in Internet Privacy – The Facts About Pharming And Phishing

Pharming is when a hacker attacks your computer and tries to redirect a website’s traffic to another fake website.  This can be done by either changing the hosts file on the target’s computer or by exploiting vulnerability in DNS server software.  DNS servers are computers responsible for resolving Internet names into their real addresses.  These are the “signposts” of the Internet.  DNS servers that have been “poisoned” can cause serious problems for businesses, especially ones that host e-commerce and online banking websites.  Phishing refers to social engineering attacks to obtain access credentials such as user passwords, and names.  These efforts can be used to steal someone’s identity information and are a major concern.  Antivirus software and spyware removal software will not protect you against pharming, but there are sophisticated measures known as anti-pharming that are required to protect you against pharming.

The way pharming works is that every host on the Internet has an IP address.  Four numbers separated by dots, which is known textually as a dotted quad, usually represent these 32-bit addresses.  Each of the four numbers is between 0 and 255 and they represent 8 of the 32 bits of the address.  The way machines on the Internet identify each other is by their IP addresses and every bit of data on the Internet is tagged with the IP addresses of the sender and intended recipient.  The directory that helps us remember all these numbers is called the Domain Name System.  This system maps domain names and this server directs any domain name submitted to it to the correct IP address much like a telephone book.

When a criminal seeks out an opportunity to steal someone’s account information, he can set up a fake website that looks and works just like the site of a bank or other sensitive website.  The victims are lured to this website to divulge their sensitive personal information such as passwords, PIN numbers, or account numbers.  The most common way is by phishing, but this can be defeated if the victim notices the web address doesn’t match.  The criminal can also hijack the victim’s DNS server and change the IP address of his false website, so the victim can enter the correct web address, but then be directed to the fake website.  This is only possible when the victim accesses the original site via HTTP but not HTTPS, which has SSL protection, or if the user ignores warnings about invalid server certificates.

Phishing uses some form of technical depiction that is designed to make a link in an e-mail, as well as the bogus website it leads to, look like it belongs to the spoofed organization.  Phishers use tricks like misspelled URLs or sub-domains, as well as making the anchor text for a link appear to be a valid URL when the link actually takes you to the phishers’ site.

The dangers of phishing range from loss of access to email, all the way to substantial financial loss.  This is identity theft and this style in particular is becoming more popular because it is easy to dupe unsuspecting people into divulging their personal information including credit card numbers, social security numbers, and mothers’ maiden names.  Once this information has been attained, the phishers can use it to create fake accounts in the victim’s name, as well as ruin their credit, or prevent them from accessing their accounts. Phishing caused losses totaling approximately $929 million USD and US businesses lose an estimated $2 billion a year, as their clients become victims.

There are several different options to combat phishing, which include changing and evolving legislation and technology that has been created especially to protect consumers against phishing.