Article Directory :: Computers & Technology Articles

“Phishing” on the “Pharm”: How Thieves Combine Two Techniques to Steal Your Identity

By John Young

Subscribe to John Young's RSS feed using any feed reader!

Republish: EasyPublish
Published: 07Oct2006
Word count: 945
Viewed: 535 time(s)
Bookmark this article using any bookmark manager!
Get Free Content For Your Site

Bob squinted at the email and began to read:

"Dear eBay User, as part of our security measures, eBay Inc. has developed a security program against fraudulent attempts and account thefts. Therefore, our system requires further account verification…"

Security Measures. A threat to suspend his account to prevent "fraudulent activity". The email went on to say that there were "procedural safeguards with federal regulations to protect the information you provide for us."

Bob clicked the link and was confronted with an authentic looking logon page, just waiting for him to input his user name and password and confirm what ebay supposedly didn't know.

He almost did it. The page looked absolutely authentic, and he had already been "set up" by the email message. His fingers were poised over the keyboard when he happened to glance at the URL.

There was something very, very wrong with it.

"PHARMING" TO FLEECE SHEEP

The art of "pharming" involves setting up an illegitimate website that is identical with its legitimate prototype, for example the ebay page Bob was almost suckered into using, and redirecting traffic to it.

"Pharmers" can do it in two ways:

1. By altering the "Hosts" file on your computer. The Hosts file stores the IP address of websites you have been accessing. By inserting a new IP address into the database field corresponding to a website, your own computer can be redirected to the pharmer's website. Any information you give the bogus site is immediately hijacked by the pharmer.

2. Hijacking the DNS (Dynamic Name Server) itself. A DNS matches the names of address with their IP addresses. If this server can be coerced into assigning new IP addresses to traditional names, all computers using the name resolution provided by the DNS server will be redirected to the hijacker's web site.

Once that happens, it's time to be fleeced.

DOWN ON THE PHARM

"Pharmers" hijack your "hosts" file or DNS servers using Spyware, Adware, Viruses or Trojans. One of the most dangerous things you can do is to run your computer without some form of Internet Security installed on it.

Your security software should be continually updating its virus definitions, and be capable of warning you if something has been downloaded from a web site or through email. It should be able to remove it, "quarantine it", or tell you where it is so that you can remove it by hand.

You should also have Spyware and Adware programs installed, and be aware of any change in Internet browsing patterns. If your home page suddenly changes, or you experience advertising pop ups (which may pop up even when you are not hooked up to the Internet), you should run a Virus, Spyware or Adware scan.

Thanks to the efficacy of these protection programs, pharming is a lot more difficult than it used to be. It isn't as easy to hijack a computer as it once was.

So, the "pharmers" have teamed up with the "phishermen" to get you to visit the bogus web page yourself, and enter all the information they need.

PHISHING TO CATCH YOU ON THE PHARM

As Bob discovered, the page he had been taken to by the bogus email message was identical to the ebay logon page. Identical in every way except for the URL.

Out of curiosity, he checked the URL for the ebay logon by accessing ebay directly and clicking on the logon link. The two URL's were nothing alike, except the bogus one did have the word "ebay" in it twice – just enough to make it look authentic.

By combining the two techniques, the phishermen/pharmers had avoided the high tech problems associated with downloading a Virus that could get past his protection software. They had gone straight for the throat.

Bob's throat.

YOUR ONLY REAL IDENTITY THEFT PREVENTION AND PROTECTION

The bottom line is that the only real protection against the pharmers and phishermen is YOU. There are three things you must consider when you read any email demanding information:

• Why do they want it? Be extremely skeptical when they say they have to "update their records", "comply with federal regulations", or prevent fraud. They are the ones initiating the fraud.

• Why can't this be done at the website? Why not invite you to access the website directly and provide this information? The answer is because the bonafide company doesn't need an update.

• What does the URL look like? Is it a series of subdomains some of which have the name of the bonafide company? Most likely the subdomain is set up with a free hosting company.

• Have they provided partial information about you as a guarantee that the email authentically comes from the legitimate source? Be very careful of this one. This technique is effective for "pretexting", impersonating a person or company, and was used in the Hewlett Packard scandal to collect information. Just because they know your first and last name (and any other information – known only to the legitimate source) doesn't mean the email is legitimate. They probably hijacked the information off the server.

THE BOTTOM LINE

The bottom line is: don't provide any information at the behest of an email, no matter how authentic it looks, or how authentic the page it directs you to looks. If you must log in, do so at the parent site itself.

Your Identity Theft prevention and protection is, in the final analysis, up to you.

Don't be the next sheep fleeced by the pharmers who caught you with the phisherman's hook. Being dropped naked into their frying pan is NOT a fate you want.

John Young is a writer with a scientific and technical background living in California. At the age of 62, he is the father of four, grandfather of 13, and lives with his wife and cat “Bear”. Please check out his latest book on Identity Theft at http://www.youridentitystolen.com For some suggestions on Fire Walls, Virus, Spyware and Adware protection software visit his “California Software Shop” at http://www.pcreveal.com

Bookmark this article using any bookmark manager! Subscribe to John Young's RSS feed using any feed reader!

EasyPublish™ this article - publishers click here

More articles by John Young

Free Report!
Ten Essential Secrets Of Article Marketing ... Grab Your Free
Copy Now:




We respect your privacy.

Need Content?
Regular Top Quality Content for your Blog, Ezine or Website ...
Delivered Direct,
For Free!
Click For Details


Arts & Entertainment
Automotive
Business - General
Computers & Technology
Finance & Investment
Food & Drink
Health & Fitness
Home & Family
Internet Marketing/Online Business
Legal
Pets & Animals
Politics & Government
Reference & Education
Religion & Faith
Self-Improvement/Motivation
Social
Sports & Recreation
Travel & Leisure
Writing & Speaking

More computing articles:

  • Using Cell Phone Tracker To Track Mobile Phones (Unnah Mitchels)
    A cell phone spy is used to track the owner of a particular cell phone and also the calls made by the cell phone owner. Using this software, one could track the exact location of the owner of the targeted mobile phone. The beauty of this software is that the targeted cell phone owner will not be able to see the software or the log information related to the mobile spying activities.

  • Using 3D Cover Flow Flash (Brian Neil)
    If you have decided to create a website in order to promote your online business, you will quickly realize that you will have many decisions to make. Not only do you have to know at least a little bit about online marketing, but you should also have some experience setting up a website.

  • Many Aspects of Flash Accordion AS3 (Brian Neil)
    There are many people that choose to use the flash accordion as3 menu. This is because there are a great many amazing features that go along with this product. Of course, before you make your purchase, you should make sure that this is the right product for you.

  • Customizing the Flash Dock Menu (Brian Neil)
    There are many different pieces that you will have to put together to make up your website. Many of the features that you will have to include are extremely important. All that you have to do to figure out which features are the most important is to look at various websites.

  • A Truthful Justhost Review (Hanson Raider)
    Finding a trusted webhost is an important yet easy task but every one of you would concur to the fact that finding a reputable web host can be exhausting and tricky. Furthermore, with all the commercials released that refers to incredible web hosting offers , Justhost hosting review can offer everyone a wide-ranging rules on what to search for in the web hosting provider.

  • Get Into The Blue (Hanson Raider)
    As the days go by and our ideas and opinions become seasoned by time we all understand on very important thing, we need a web host. That is, if we ever expect to express these seasoned and learned opinions in an open venue meant for such a topic. What about that idea you had for manufacturing and selling your hand crafted wares, now you will have a place to showcase your products with your own website.

  • Can I Get Some Privacy Here (Hanson Raider)
    There are so many of us are in love with the internet and the websites that are intrinsic to its makeup that we spend our lives enraptured by its overpowering presence. We are content to spend the majority of our work and free time entertaining ourselves with internet content. Though it could be said we should find something a little more active to do with our time, many of us fail to heed this warning.

  • Got Your Head In The Clouds? (Hanson Raider)
    With all of the different viewpoints, standpoints and opinions we all have it is no wonder that the internet is growing in size and popularity more and more every day. There are millions of people who need a product or service not readily available at their local markets. This is what makes the internet such a remarkable tool.

  • Advantages Of Choosing Most Affordable Dedicated Hosting (Hanson Raider)
    A lot of people out there think that when you have an extremely huge website and there are constantly viewers storming into it, the trafficking is dreadfully high and thus you need a very costly hosting service to handle the heavy trafficking. Nevertheless, opposing to what numerous people think Intel Pentium 4 provides a cheap dedication web hosting service.

We Automatically Distribute Articles
To Thousands Of Publishers And Web Sites:
Submit Article
All content is viewed and used by you at your own risk and we do not warrant the accuracy or reliability of any of the information. The views expressed are those of the individual contributing authors and not necessarily those of this web site, or its owner, Takanomi Limited.
  
Copyright © 2012 Takanomi Ltd. Company no. 5629683. All rights reserved. | Privacy | Legal | Contact Information