March 4, 2011

Phishing and Pharming.


Both pharming and phishing are methods used to steal personal information from unsuspecting people over the Internet.
 
Phishing:



Phishing typically involves fraudulent bulk e-mail messages that guide recipients to legitimate-looking but fake Web sites and try to get them to supply personal information like account passwords. Hackers use phishing against Internet banking customers, who receive e-mails that deceptively claim to be from a genuine source (like your bank). A phishing message is a spoofed e-mail meant to convince customers to provide confidential information such as Customer ID, User ID, password, card number, CVV, PIN, etc. on the pretext of updating the customer profile. Alternatively, customers are sometimes asked to download and install ‘security’ software attached to the spam e-mail, which is then used to obtain the customers' confidential information.

Phishing Methods:
  • The customer receives a fraudulent e-mail seemingly from a legitimate Internet address.
  • The e-mail advises the customer to click on a hyperlink, which directs the customer to a fake web site that looks similar to the genuine bank’s website.
  • Usually the e-mail will either promise a reward for compliance or warn of an impending penalty for non-compliance.
  • The customer provides personal details in good faith and clicks on the 'submit' button, but the web page displays an error message. This is an indication of a phishing attack.
Solution:
  1. Always log on to an authorised site by typing the proper URL in the address bar.
  2. Give your user ID and password only at the authenticated login page.
  3. Please remember that the bank would never ask you to verify your account information through an e-mail.
  4. Check your account statement periodically for the correctness of the transactions.
  5. Ensure that your browser is up to date for accessing Net banking.
Pharming:


Pharming tampers with the domain-name server system so that traffic to a Web site is secretly redirected to a different site altogether, even though the browser seems to be displaying the Web address you wanted to visit.

Pharming is similar to phishing but more sophisticated. Pharmers also send e-mails. The consumer, however, can be duped by the pharmer without even opening an e-mail attachment. The consumer compromises his personal financial information simply by opening the e-mail message. The pharming e-mail message contains a virus (or Trojan horse) that installs a small software program on the user’s computer. Subsequently, when the consumer tries to visit an official web site, the pharmer’s software program redirects the browser to the pharmer’s fake version of the web site. In this way, the pharmer is able to capture the personal financial information that the consumer enters into the counterfeit web site, and the consumer’s account is again compromised.

The latest form of pharming does not require e-mail at all. Password-stealing Trojan horses can attack through Microsoft Messenger, where keyloggers are run. Keyloggers are viruses that track a user’s keystrokes on legitimate sites and steal passwords, allowing a thief to have access to a consumer’s password for future fraudulent transactions.

Solution:
  1. Be suspicious of any email with urgent requests for personal financial information.
  2. Do not use the links in an email to get to any web page.
  3. Avoid completing forms in email messages that ask for personal financial information.
  4. Be sure to use a secure web site when submitting credit card or other sensitive information via the web browser.
  5. Consider installing a web browser tool bar for protection from known phishing fraud web sites.
  6. Regularly log on to online accounts.
  7. Regularly check bank, credit card, and debit card statements to ensure all transactions are legitimate.
  8. Make sure your browser is up to date and security patches are applied.
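
Added example, not part of the original post: a redirect installed on the user's own computer is commonly done by adding entries to the hosts file, the mechanism named in the comments on this post. The check below parses a hosts file and reports entries that override a watched banking domain; the domain `examplebank.test`, the addresses and the sample file contents are constructed placeholders.

```python
import ipaddress

# Constructed sample hosts file; names and addresses are placeholders.
SAMPLE_HOSTS = """\
# sample hosts file (constructed for this example)
127.0.0.1       localhost
::1             localhost
203.0.113.45    www.examplebank.test examplebank.test   # injected entry
0.0.0.0         ads.tracker.test
198.51.100.7    intranet.corp.test
"""

WATCHED = {"examplebank.test"}  # hypothetical: domains the user banks with


def parse_hosts(text):
    """Yield (line_no, ip, [hostnames]) for each valid entry, ignoring comments."""
    for n, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()
        if len(fields) < 2:
            continue
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # not an address in the first column: skip the line
        yield n, ip, [h.lower().rstrip(".") for h in fields[1:]]


def is_watched(host, watched):
    """True if host equals a watched domain or is a subdomain of one."""
    return any(host == d or host.endswith("." + d) for d in watched)


def find_overrides(text, watched=WATCHED):
    """Return hosts-file entries that pin a watched name to a fixed address."""
    hits = []
    for n, ip, hosts in parse_hosts(text):
        for h in hosts:
            if is_watched(h, watched):
                # Loopback/unspecified only blocks the name; anything else redirects it.
                kind = "blocked" if ip.is_loopback or ip.is_unspecified else "redirected"
                hits.append((n, h, str(ip), kind))
    return hits


if __name__ == "__main__":
    for hit in find_overrides(SAMPLE_HOSTS):
        print("line %d: %s -> %s (%s)" % hit)
```

A bank's public site normally has no reason to appear in a hosts file at all, so any hit for a watched domain deserves a look before logging on.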

2 comments:

is important for any reason store bank account information on your computer and let this be a troyanofraudulent bulnerado Transactions.

Pharming is a hacker's attack aiming to redirect a website's traffic to another, bogus website. Pharming can be conducted either by changing the hosts file on a victim’s computer or by exploitation of a vulnerability in DNS server software. DNS servers are computers responsible for resolving Internet names into their real addresses — they are the "signposts" of the Internet. Compromised DNS servers are sometimes referred to as "poisoned".
http://www.usedcomputersfromwarehouse.com/
