Phishing And Fraud

Phishing is a very sneaky type of fraud conducted over the Internet. Its name is a throw back to the early days of hacking and identity theft and the practice of phone phreaking. While there can be very complicated schemes devised, they are all based on a very simple concept.

Two Pharmings
Actually, two completely different fields use the term "pharming" now. We can say there exist two separate "pharmings".

If genetics or businessmen from pharmaceutical industry are talking about pharming (spelled like that) it might have nothing to do with computers. This word has long been familiar to genetic engineers. For them, it's a merger of "farming" and "pharmaceutical" and means the genetic engineering technique -- inserting extraneous genes into host animals or plants in order to make them produce some pharmaceutical product. Although it is very interesting matter, this article isn't about it.

As for PC users, the term "pharming" recently emerged to denote exploitation of a vulnerability in the DNS server software caused by malicious code. This code allows the cybercriminal who contaminated this PC with it to redirect traffic from one IP-address to the one he specified. In other words, a user who types in a URL goes to another web site, not the one he wanted to--and isn't supposed to notice the difference.

Usually such a website is disguised to look like a legitimate one -- of a bank or a credit card company. Sites of this kind are used solely to steal users' confidential information such as passwords, PIN numbers, SSNs and account numbers.

Dangerous Scams
A fake website that's what "traditional" phishing has in common with pharming. This scam can fool even an experienced computer user, and it makes pharming a grave threat. The danger here is that users don't click an email link to get to a counterfeit website.

Phishers try to persuade you, or trick you into giving them sensitive information which they can then use to make money out of the system. For example, one very attractive target for phishers would be your paypal account. Paypal is an online payment system that allows you to put money in your account with your credit or debit card, and then basically email the money to other people's paypal accounts. It is very simple, cheap and fast and very popular for online shoppers as they do not have to give their credit card details away over the internet.

Most people enter their personal information, unaware of possible fraud. Why should they suspect anything if they type the URL themselves, not following any links in a suspiciously-looking email? If you wanted to take money out of other people's paypal accounts, all you would really need is their email address and password. Then you sign in to their account, and send the money to an account you have set up.

What phishers will do is email paypal customers with an email that looks like an official email from paypal. It will have the paypal logo and format and will look exactly like official paypal emails to customers. It may even come from an address that looks like paypal's official website. It will go on to say it is a random security check or some other technical procedure and that you are required to type in your user name and password. It will then thank you and say the check or whatever other scheme it claims to be is complete. In the meantime, the phisher will have your password and can clear out your account.

While this is a basic example, there are countless variations of increasing complexity that will be used to try and entice customers to give out bank account details, credit card details or other sensitive information. It can often be next to impossible for the average customer to detect that the email or website is not the official one of the company it is supposed to be from and they are therefore very dangerous.

Unfortunately, "ordinary" phishers are also getting smarter. They eagerly learn; there is too much money involved to make criminals earnest students. At first phishing consisted only of a social engineering scam in which phishers spammed consumer e-mail accounts with letters ostensibly from banks. The more people got aware of the scam, the less spelling mistakes these messages contained, and the more fraudulent websites looked like legitimate ones.

There has been a lot of publications of a scheme which at first was seen as a new kind of phishing. This technique includes contaminating a PC with a Trojan horse program. The problem is that this Trojan contains a keylogger which lurks at the background until the user of the infected PC visits one of the specified websites. Then the keylogger comes to life to do what it was created for -- to steal information.

It seems that this technique is actually a separate scam aimed at stealing personal information and such attacks are on the rise. Security vendor Symantec warns about commercialisation of malware -- cybercriminals prefer cash to fun, so various kinds of information-stealing software are used more actively.

However, more sophisticated identity theft attempts coexist with "old-fashioned" phishing scams. That is why users should not forget the advice which they all are likely to have learned by heart:

- Never follow a link in an email, if it claims to be from a financial institution
- Never open an attachment if the email is from somebody you don't know
- Protect your PC from malware
- Stay on the alert

If you do suspect that an email you receive is a phishing attempt then notify the appropriate company immediately. The other thing to remember is that most banks, credit card companies and other institutions now inform their customers that they will never ask their customers for their passwords in an email, nor will any of their employees ever ask for a password and therefore never give it to anyone who asks you for it.