The Pharming Threat Grows

By Matthew Harwood

If you're among the growing number of people that use the Internet to manage their finances, the Press Trust of India (PTI) is warning you to beware of "pharming."

What's pharming, you ask? Former Security Management Associate Editor Peter Piazza explained this "new" scam way back in 2005.

“Pharming is ‘phishing’ without the lure,” says Scott Chasin, chief technology officer with MX Logic. In this case, the attacks are on the navigational structure of the Internet, targeting the domain name server (DNS) system that translates names such as “ managem” into numeric IP addresses. As a result, someone who types in that Web site address will end up being hijacked to an alternate—fake—site that looks like the real thing.

For instance, if hackers have compromised my DNS server and replaced the IP address of my legitimate bank with a new IP address to their fake Web site, which accurately recreates my bank's Web site, they can capture my user name and password.  With that information, they can then access my real bank account and drain it, steal my identity, or commit other types of fraud.

As Deepak Maheshwari, director of corporate affairs for Microsoft Corporation Limited, explained to PTI "This is just an extension of phishing which has a motive of making money."

There are ways to protect yourself though, according to CNET's Defense in Depth blog.

The best way to prevent becoming a victim is to change your network router's default password. Default router passwords are not a secret and are available on the Internet, so if you haven't ever changed your network router's password, now is a good time. Syamntec's [Zulfikar] Ramzan further recommends performing a hard reset of your router first, just in case you are already compromised.



View Recent News (by day)


Beyond Print

SM Online

See all the latest links and resources that supplement the current issue of Security Management magazine.