Hackers and Identity Theft - Phishing

It is true that with the emergence of the Internet came along a new method of identity theft and it is termed phishing. No, not fishing-although it does sound the same and the concept is similar.

A phishing attack is so named because people cast the bait on the internet via email in hopes that you will bite. If you do so, they can lure personal information out of you to aid in the theft of your identity. These scams are much more recognizable now, however there are new phishing attacks that are created daily, including some that involve major companies asking you to verify your account information.

Phishing is now considered ‘kid stuff’ compared to the newer techniques that are being used by these online criminals. Nowadays, you don’t even need to click an email link to give your personal information-this new technique is called pharming. The term pharming is just a new name for the relatively old concept domain spoofing. Basically they work quietly to redirect your web request to a different site by poisoning your Domain Name Server. As far as your browser is concerned, you are connected to the correct site. The big problem is that you can’t tell you aren’t on the right site just by looking at your browser’s address bar. Everything may look completely legitimate, and with most new pharming schemes, they are created to be as close to the legitimate one as possible. In order to remove pharming as a threat, servers would have to add another layer of authentication to their websites-essentially proving to you that they are who they say you are and establish a trusted link between your computer and theirs. Right now, most Internet browsers have this capability, however most servers do not. Some sites offer certificates-perhaps you have seen them-a pop-up dialogue box asks if you want to trust the certificate. If the name on the certificate doesn’t match the site you are trying to access, then do not accept-this could be a possible pharming scam.

 

 Terms & Disclaimers