Dr. Mercola May 14 2005 1,266 views
A new scam has hit the Internet mainstream and could be the most frightening of all. Why? Because even the most experienced Internet users could fall victim and not even know it.
It's called pharming and involves extremely skilled hackers redirecting customers who do online banking to fake sites where they can steal passwords and other sensitive information about their accounts. And unlike phishing (a scheme where users click on links to e-mails and are redirected to fake sites), pharming captures a user on his or her way to the bank or credit-card firm.
What alarms experts most is that pharming can reroute thousands of Internet users at a time, making the impact potentially massive.
Methods of Operation
According to security experts, pharmers have two main ways of operating. They attack:
The first method sends virus-laden e-mails that install small software programs on users' computers [text in blue]. Then, when a user updates personal information (i.e. aslogons, PIN codes or driver's license numbers), the scammers use the information to steal identities.
The second method takes advantage of the fact that Web sites have verbal names but reside at numeric addresses on the Internet [text in blue]. Typically, when a user types in a Web site's name into their browser, Domain Name System (DNS) servers read the name, look up its numeric address and take users to that site; however, pharmers jump in by changing the real site's numeric address to the fake site's numeric address and assault customers that way.
What's the Solution?
Companies and big organizations can ease the threat of pharming by keeping their software up to date and patched. They can also install firewalls, filter for known scams, and watch for changes in Internet protocol addresses on their servers.
Additionally, anti-pharming software is underway, including products that will display security information and show users where a Web site is being hosted.
USA Today April 22, 2005
You probably have seen many dozens of the phishing scheme e-mails by now, in which scammers seek to take advantage of the relationship most of us have with Amazon by crafting an e-mail message that looked exactly like one they would typically send.
This newest scheme is much more clever and has a much greater potential to trick you. Although I've summarized it here, it's a good idea to read this excellent USA Today piece thoroughly so you'll be up to speed on some of the newest schemes hackers use to separate you from your hard-earned money.
Also, a word of caution: Never ever key in your password and login online in response to an e-mail, even if it seems to be from your most trusted vendor. Always call them first to confirm if the e-mail is legitimate, because it probably isn't. Almost no reputable online business will ask for this information via e-mail.
Related Articles:
Read This or Risk Losing Your Money or Identity Online Is The Era Of The E-Mail Virus Over?
Read This or Risk Losing Your Money or Identity Online
Is The Era Of The E-Mail Virus Over?