
Phirst Phishing; Now Pharming: Phurther Internet Scams Loom
By Jim Powell
In our last column “What’s in Your Wallet?”
we presented an overview of “phishing,” the practice
of criminals using “spoofed” e-mails and fraudulent websites
designed to fool recipients into divulging personal financial
data.
Now there’s a new twist known
as “pharming.” While not yet commonplace or widespread,
some experts see it as phishing’s next logical “improvement.”
It’s a bit different from phishing, and even experienced
web surfers may be at risk if they’re not careful. Pharming
is a malicious Web redirect, in which a person trying to reach
a legitimate commercial site is sent to a phony site without
his knowledge. Redirecting takes advantage of vulnerabilities
in many Web browsers that allow phony URLs in the address
bar and of vulnerabilities in operating systems and Domain
Name System (DNS) servers. Pharming encompasses attacks on individual
machines with Trojans, worms and other “malware”
that target the browser address bar, as well as wholesale
assaults on a DNS server, which would misdirect all Web traffic
routed through that server to the erroneous site. The online
magazine “Eweek” notes that pharming-like attacks
have already taken place: “These include an incident
last November, when Google and Amazon users were sent to ‘Med
Network,’ an online pharmacy. The Troj Banker A/j worm,
seen last November and December, watched for users to visit
specific banking sites and then grabbed the personal information
entered there for use by the criminal pharmers.”
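The DNS-level misdirection described above can be caught by comparing the addresses a resolver returns against the networks a defender has pinned as legitimate for each site. The sketch below is an added example, not part of the original column; the hostnames, address ranges and resolver answers are constructed sample data using documentation-reserved names and ranges.

```python
import ipaddress

# Constructed baseline: networks the defender expects each site to resolve into.
# Hostnames and ranges are placeholders (RFC 2606 names, RFC 5737 ranges).
EXPECTED = {
    "bank.example": ["192.0.2.0/24"],
    "shop.example": ["198.51.100.0/25"],
}

# Constructed sample of observed answers: (resolver label, hostname, address).
OBSERVED = [
    ("isp-resolver", "bank.example", "192.0.2.10"),
    ("isp-resolver", "shop.example", "203.0.113.66"),   # outside baseline
    ("reference-resolver", "shop.example", "198.51.100.7"),
    ("isp-resolver", "BANK.example.", "192.0.2.44"),
    ("isp-resolver", "news.example", "203.0.113.5"),    # no baseline
]

def normalize(host):
    """Lower-case and drop the trailing root dot so lookups match the baseline."""
    return host.strip().rstrip(".").lower()

def check_answers(observed, expected):
    """Return (suspicious, unknown): answers outside the pinned networks,
    and hostnames that have no baseline to compare against."""
    nets = {h: [ipaddress.ip_network(n) for n in ns] for h, ns in expected.items()}
    suspicious, unknown = [], set()
    for resolver, host, addr in observed:
        host = normalize(host)
        if host not in nets:
            unknown.add(host)
            continue
        ip = ipaddress.ip_address(addr)
        if not any(ip in net for net in nets[host]):
            suspicious.append((resolver, host, addr))
    return suspicious, sorted(unknown)

def resolvers_to_review(suspicious):
    """A resolver returning off-baseline answers affects every client using it."""
    return sorted({resolver for resolver, _, _ in suspicious})

if __name__ == "__main__":
    bad, unknown = check_answers(OBSERVED, EXPECTED)
    for resolver, host, addr in bad:
        print(f"ALERT {host} -> {addr} via {resolver}: outside expected networks")
    print("no baseline for:", ", ".join(unknown))
    print("resolvers to review:", resolvers_to_review(bad))
```

An off-baseline answer is a prompt to investigate rather than proof of tampering, since sites legitimately change hosting; the baseline has to be maintained alongside those changes.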
Netcraft has come up with a “neighborhood
watch”-like solution with its Netcraft
toolbar, which alerts Internet Explorer users when they
may be headed to a suspicious site. (The Netcraft
toolbar works only with Internet Explorer; Firefox users will
want to upgrade to version 1.0.1 which fixes several security
vulnerabilities, including the spoofing of websites. Firefox
users should also consider installing the SpoofStick browser
extension; visit Patrick
Crispen’s Netsquirrel site for complete information.)
Microsoft is promising “new levels of security”
in Internet Explorer 7. Beta versions of the new IE are expected
in the summer of 2005.