Phishing, Pharming, and Phoraging
Definitions of these three commonly used terms:
Phishing
Phishing is e-mail fraud where the perpetrator sends out legitimate-looking e-mails that appear to come from well-known and trustworthy Web sites in an attempt to gather personal and financial information from the recipient. A phishing expedition, like the fishing expedition it's named for, is a speculative venture: the phisher puts out the lure hoping to fool at least a few of the prey that encounter the bait. Web sites that are frequently spoofed by phishers include PayPal, eBay, MSN, Yahoo, BestBuy, and America Online.
Phishers use a number of different social engineering and e-mail spoofing ploys to try to trick their victims. In one fairly typical case before the Federal Trade Commission (FTC), a 17-year-old male sent out messages purporting to be from America Online that said there had been a billing problem with recipients' AOL accounts. The perpetrator's e-mail used AOL logos and contained legitimate links. If recipients clicked on the "AOL Billing Center" link, however, they were taken to a spoofed AOL Web page that asked for personal information, including credit card numbers, personal identification numbers (PINs), social security numbers, banking numbers, and passwords. This information was used for identity theft.
The FTC warns users to be suspicious of any official-looking e-mail message that asks for updates on personal or financial information and urges recipients to go directly to the organization's Web site to find out whether the request is legitimate. If you suspect you have been phished, forward the e-mail to uce@ftc.gov or call the FTC help line, 1-877-FTC-HELP.
Pharming
Pharming is a scamming practice in which malicious code is installed on a personal computer or server, misdirecting users to fraudulent Web sites without their knowledge or consent. Pharming has been called "phishing without a lure."
In phishing, the perpetrator sends out legitimate-looking e-mails, appearing to come from some of the Web's most popular sites, in an effort to obtain personal and financial information from individual recipients. But in pharming, larger numbers of computer users can be victimized because it is not necessary to target individuals one by one and no conscious action is required on the part of the victim. In one form of pharming attack, code sent in an e-mail modifies the local hosts file on a personal computer. The hosts file maps host names to the numeric IP addresses that the computer uses to reach Web sites. A computer with a compromised hosts file will go to the fake Web site even if a user types in the correct Internet address or clicks on an affected bookmark entry. Some spyware removal programs can correct the corruption, but it frequently recurs unless the user changes browsing habits.
A particularly ominous pharming tactic is known as domain name system poisoning (DNS poisoning), in which the domain name system table in a server is modified so that someone who thinks they are accessing legitimate Web sites is actually directed toward fraudulent ones. In this method of pharming, individual personal computer hosts files need not be corrupted. Instead, the problem occurs in the DNS server, which handles thousands or millions of Internet users' requests for URLs. Victims end up at the bogus site without any visible indicator of a discrepancy. Spyware removal programs cannot deal with this type of pharming because nothing need be technically wrong with the end users' computers.
Once personal information such as a credit card number, bank account number, or password has been entered at a fraudulent Web site, criminals have the information and identity theft can be the end result.
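The hosts-file form of pharming described above can be checked for with a small script. The following is an added example, not code from the original article: it parses constructed hosts-file content and flags any watched brand domain (the watch list, sample lines and addresses are all constructed here) that has been mapped to an address other than loopback or 0.0.0.0, which is how legitimate local overrides and blocklists normally look.

```python
"""Hosts-file pharming check (added example, not from the original article).

A pharming payload that edits the local hosts file makes a well-known name
resolve to an attacker's IP. This scans hosts-file content for watched
domains mapped to anything other than loopback/unspecified. All data is
constructed sample data."""
import ipaddress
import re

# Brands the article lists as frequently spoofed; maintain your own list.
WATCHED_DOMAINS = {"paypal.com", "ebay.com", "msn.com", "yahoo.com", "aol.com"}

# Constructed hosts-file content: benign lines plus two pharming redirections.
SAMPLE_HOSTS = """\
127.0.0.1    localhost
::1          localhost ip6-localhost
192.168.1.20 intranet.example.test      # legitimate local override
203.0.113.45 www.paypal.com paypal.com  # injected by malware
203.0.113.45 signin.ebay.com
0.0.0.0      ads.example.test           # ad blocking, not watched
"""

def parse_hosts(text):
    """Yield (ip, hostname) pairs, skipping comments and blank lines."""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        ip, *names = re.split(r"\s+", line)
        for name in names:
            yield ip, name.lower().rstrip(".")

def is_watched(hostname):
    """True for a watched domain or any of its subdomains."""
    return any(hostname == d or hostname.endswith("." + d) for d in WATCHED_DOMAINS)

def find_pharming_entries(text):
    """Return [(hostname, ip)] for watched names mapped to a routable address."""
    findings = []
    for ip, name in parse_hosts(text):
        try:
            addr = ipaddress.ip_address(ip)
        except ValueError:
            continue  # malformed address; skip
        # Loopback (127.x / ::1) and 0.0.0.0 are how legitimate local overrides
        # and blocklists look; anything else for a watched name needs a look.
        if is_watched(name) and not (addr.is_loopback or addr.is_unspecified):
            findings.append((name, ip))
    return findings
```

On a real machine, read /etc/hosts (or %SystemRoot%\System32\drivers\etc\hosts on Windows) into `text` instead of using SAMPLE_HOSTS.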
Phoraging
This recently coined term refers to data that is collected on individuals through online social engineering based on various techniques. Currently not as prevalent as phishing and pharming, the technique involves a user visiting a specific site whose pages may not be secured by an SSL certificate, so the data submitted to them could be readily intercepted. A typical example could be a person searching for a holiday online, visiting a non-secured site and filling in an online form; this information is intercepted and combined with personal information the same person has entered on a similar form at another site. The implication is that the more information you have on a user, the greater the potential to capture a higher percentage of their identity. Further details can be found in a recent presentation delivered by VeriSign: http://complianceandprivacy.com/WhitePapers/338,6,How much value to a fraudster is there in data?