[Vision2020] An Ounce of Prevention

Tom Hansen thansen at moscow.com
Mon May 2 12:45:33 PDT 2005


>From today's (May 2, 2005) Spokesman Review.

For those of you whose computers are currently using either Windows XP or
Windows 2000 operating systems, I strongly recommend:

http://toolbar,netcraft.com

---------------------------------------------------------------------------

Fertile fields for pharming 
New fraud scam against online bank users could be the most menacing

Jane Larson
The Arizona Republic
May 2, 2005

It's the next Internet scam, and it could be the most menacing.

The reason: Even experienced Internet users can become victims and not know
it.

The ploy is called pharming - a play on "phishing," another type of Internet
fraud - and it involves highly skilled hackers who secretly redirect users'
computers from financial sites to the scammers' fake ones, where they steal
passwords and other personal information. Even the Web address looks the
same.

Unlike phishing, where users click on links in e-mails and are taken to fake
sites, pharming intercepts a user on his or her way to the bank or
credit-card firm's Web site. And it potentially can affect thousands of
users at a time.
 
"With pharming, you don't have to do anything stupid to get on the hook,"
said Tom Leighton, chief scientist of Internet software firm Akamai
Technologies Inc. in Cambridge, Mass. "You're just swimming along, and you
get caught in the net."

It is just a matter of time before the scam becomes widespread, experts
fear.

"If it didn't get worse, it would buck the trend of all known security
problems," said David Jevans, a Silicon Valley executive who is chairman of
the fraud-fighting Anti-Phishing Working Group.

The scam is so new that Internet security gurus have just started warning
about it.

Akamai's Leighton told a technology conference in December that hackers are
targeting small sections of the Internet and rerouting traffic to fake bank
sites to capture users' passwords. The legitimate sites don't notice the
drop in Web traffic because it is just a fraction of the total, he said.

An anti-phishing bill introduced in Congress last month would also apply to
pharming. It calls for prison time and fines for those caught either
phishing or pharming.

Security experts say pharmers have two main ways of operating: attacking
either users' computers or the large servers that find Web sites for users.

The first way is to send virus-laden e-mails that install small software
programs on users' computers. When a user tries to go to his bank's Web
site, the program redirects the browser to the pharmers' fake site. It then
asks a user to update information such as logons, PIN codes or driver's
license numbers, said Chris Faulkner, chief executive officer of CI Host
Inc., a Web-hosting firm in Bedford, Texas. Scammers use the information to
steal identities.

Other viruses, called keyloggers, track a user's keystrokes on legitimate
sites and can be used to steal passwords.

The pharmers' second method takes advantage of the fact that Web sites have
verbal names but reside at numeric addresses on the Internet. When users
type a Web site's name into their browsers, Domain Name System, or DNS,
servers read the name, look up its numeric address and take users to the
site.

Pharmers interfere with that process by changing the real site's numeric
address to the fake site's numeric address.

The servers can belong to financial institutions, Web-hosting companies or
Internet service providers. This tactic, called DNS poisoning, has been
around for years, but it is only in the past six months that techies have
seen it used for identity theft and dubbed it pharming.

"It's like the name sounds," said Rami Habal, senior product manager at
Proofpoint Inc., a Cupertino, Calif.-based e-mail security software firm.
"They're planting the seeds of malicious code and harvesting the identity
information later."

What alarms the experts is that pharming can reroute thousands of Internet
users at a time, making the impact potentially huge.

---------------------------------------------------------------

Take care, Moscow.

Tom Hansen
Moscow, Idaho

"Life should NOT be a journey to the grave with the intention of arriving
safely in an attractive and well preserved body, but rather to skid in
sideways, chocolate in one hand, a drink in the other, body thoroughly used
up, totally worn out and screaming 'WOO HOO. What a ride!'"




More information about the Vision2020 mailing list