We've been warning you about Phishing for two years now, and while it's impossible to warn everyone, we all should do the best we can. Now, a new plague is on the horizon -- Pharming.
All along, Mac users have been smug in the belief that online crime really can't seep into the Mac. Phishing changed the game and became the number one threat to all computer users because the user would voluntarily click a link in an email. These 'Phishing' spam emails then take the unwary user to an erroneous web site which extorts their ID, password, bank account numbers or other sensitive financial data.
"Pharming" is the newest threat (pronounced: "farming") where criminal web sites hijack real web sites and fool the user into entering sensitive data such as a password or credit card number. The malicious web site can impersonate the legitimate web site so well, the trusting user enters the info.
How Pharming works:
Criminal programmers exploit vulnerabilities in DNS servers, redirecting traffic from the real website to their own bogus web site. The criminal does not have to rely on having the user click a link in an email or spam. Even if the user correctly enters a URL (web address) into a browser's address bar, they are still redirected to the Pharming site, where the criminal can then easily "phish" or steal the computer user's passwords, PIN or account number.
* In March, VeriSign, one of the largest ecommerce validators on the web, detected a 300 percent increase in DNS server probes that indicated there was a direct attack against DNS servers to prep the servers for pharming.
* Secure e-mail provider Hushmail was caught by an attack on 24th of April 2005 when the attacker actually called the domain registrar and gained enough information to redirect users to a defaced webpage. Hundreds of other examples have been registered: a German teenager hijacked the eBay.de domain name, and earlier this year a large New York ISP, Panix, was hijacked to a site in Australia.
How can you protect yourself?
Make sure the site is pharming-conscious (PC). Watch carefully for the "HTTPS" web protocol on the site's login page. (Keep your eye on the "Address" field of your browser -- make sure the link is accurate and preceded by "https:".) Generally, Pharming sites impersonating a legitimate site will not use the https:// protocol. If one does, you will receive a message from the browser indicating that the web site's "certificate" does not match the address being visited. If you get such a message, do NOT click "Yes".
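The certificate check described above, as an added example that is not part of the original article: a simplified version of the name comparison a browser makes between the address the user typed and the DNS names listed in the certificate the server presents. The host names and certificate name lists are constructed, and chain-of-trust and expiry checks are left out.

```python
# Added example: simplified certificate-name check on constructed data.
# It models only the "certificate does not match the address" decision.

def _labels(name):
    # Normalise a DNS name: lower-case, drop a trailing dot, split into labels.
    return name.strip().lower().rstrip(".").split(".")

def name_matches(pattern, host):
    """True if one certificate DNS name (optionally '*.x.y') covers host."""
    p, h = _labels(pattern), _labels(host)
    if len(p) != len(h) or "" in p or "" in h:
        return False
    if p[0] == "*":
        # A wildcard stands for exactly one left-most label, and only when
        # at least two fixed labels follow it (so '*.com' never matches).
        return len(p) >= 3 and p[1:] == h[1:]
    if any("*" in label for label in p):
        return False  # partial or non-left-most wildcards are rejected
    return p == h

def check_certificate(typed_host, cert_dns_names):
    """Return (ok, reason); ok False is the case where the browser warns."""
    if not cert_dns_names:
        return False, "certificate carries no DNS names"
    for name in cert_dns_names:
        if name_matches(name, typed_host):
            return True, "matched " + name
    return False, "certificate names %s do not cover %s" % (
        cert_dns_names, typed_host)

# Constructed scenarios: (address typed by the user, names in the certificate
# presented by whichever server the DNS answer led to).
SCENARIOS = [
    ("www.bank.example", ["www.bank.example", "bank.example"]),  # genuine
    ("www.bank.example", ["www.attacker.example"]),   # redirected by DNS
    ("login.bank.example", ["*.bank.example"]),       # wildcard, one label
    ("a.login.bank.example", ["*.bank.example"]),     # wildcard too shallow
]

if __name__ == "__main__":
    for host, names in SCENARIOS:
        ok, reason = check_certificate(host, names)
        print("%-22s %-5s %s" % (host, "OK" if ok else "WARN", reason))
```

The second scenario is the pharming case: the typed address is correct, but the server reached through the redirected DNS answer cannot present a certificate for that name, so the comparison fails and the warning appears.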
Pharming is a devious criminal scheme. Information gained can be used to purchase merchandise, clean out bank accounts or open new ones, and commit other identity theft crimes. The information gained can even be sold to other criminal groups and used again and again. Since Pharming is so technically sophisticated, it is virtually impossible to detect or prevent. Since it is almost impossible to measure, we have no idea how prevalent it has become. Experts agree, pharming poses one of the most insidious threats in the online criminal's arsenal.
Read this PDF (Acrobat) Statement from Dr. F. Thomson Leighton, Co-Founder and Chief Scientist, Akamai Technologies, Inc., Professor of Applied Mathematics, MIT, Testimony before the Committee on Science U.S. House of Representatives Hearing on "The Future of Computer Science Research in the U.S." Thursday, May 12, 2005 Download the PDF: leighton_phishing.pdf
This latest online crime wave has pushed the U.S. House to a near unanimous rally (395 Ayes, 1 Nays) against internet criminals -- passing the H.R. 744 I-SPY bill. The bill is now in the Senate and needs your support to get it made into law.
The Internet Spyware (I-SPY) Prevention Act of 2005, introduced by Bob Goodlatte (R-VA), addresses the most egregious activities that are conducted via spyware and makes those activities criminal offenses. The legislation also authorizes $10 million to the Department of Justice to combat spyware, pharming and phishing scams. (Here's the actual bill in Acrobat PDF format)
The Can-Spam Act passed last year has been, for all practical purposes, ineffective because there's been no enforcement. At the urging of so many constituents, Goodlatte's H.R. 744 becomes the first ever to actually fund the law's enforcement. (See: Goodlatte "Spyware")
During his time in Congress, Bob has made a name for himself as a leader on Internet and high-tech issues. He is Co-Chair of the Congressional Internet Caucus, and Chairman of the House Republican High Technology Working Group. He was also selected by Speaker Hastert to serve on the House Republican Cyber-Security Task Force.
We urge you to get out and contact your representatives to support and pass H.R. 744. At right are links to your legislative representation.
Is Someone "Phishing" for Your Information?, or [PDF]
How Not to Get Hooked by a 'Phishing' Scam, or [PDF]
Spyware, or [PDF]
See: FTC Internet Crime Alerts
It seems like an incomprehensible statement, but look closely and you may realize it could be true. Now the only question is: what do we plan to do about it? This month's 60 Second Window looks at online crime...
www.60-seconds.com