3/16/2005

Pharming beyond Phishing

New security aleart for today. I'm sure we all heard about "Phising"(pronounced "fishing" - it's when you are lured into typing sensitive information [username/password/SSID/etc.] by fake emails and/or bogus webpages[ie. bait] ) but now there's a new thing that's even worse called "Pharming." Although it is harder to fake, once it's done not many people would care to notice it.

"Pharming is simply a new name for a relatively old concept: domain spoofing. Rather than spamming you with e-mail requests, pharmers work quietly in the background, "poisoning" your local DNS server by redirecting your Web request somewhere else."

What does it mean in plain english? It means that when you type something like www.citibank.com, you might get directed to a fake site that looks exactly like the official site. And, obviously, the info you give to the site are actually being sent to the "pharmer" instead. There isn't exactly a fix for this, since it's all about DNS redirecting and not the users' "fault." There is a way to work around it though, but it requires too much hassle for an average user. Just be on a look out when you type sensitive information on the internet.

via: Cnet

0 Comments:

Post a Comment

<< Home

Some Rights Reserved © 2004-2006, iblogg.blogspot.com. Via Creative Commons License.