Pharming - so named because scammers plant seeds and then harvest their crops- is a scam that redirects internet traffic to a computer designed to steal passwords and other personal information. This scam is so sneaky that victims don't even know they've been hit until the bills start arriving about a month later.
Experts quoted by the Sacramento Bee (3/24/05) consider pharming just one more in a fast-growing trend of internet crime, one that is closely related to another scam called phishing.
Phishing usually starts with an email that looks like it came from a trusted business, often a bank or other online financial institution. The email usually warns users that their account has been compromised and urges them to follow a link in the email to a site to provide personal information, such as username, bank account, and other identification numbers. These websites are fake; the computer hosting them is recording all the information.
Like phishing, pharming also steals personal information, but instead of using fake emails to lure users to visit malicious websites, pharming changes information in the Domain Name System, also known as DNS server. A DNS server works like a big phonebook for the internet. Here's how it works. Let's say someone enters an address such as www.msn.com.
The computer contacts the nearest DNS server and gets directions on how to find MSN on the internet. There are hundreds of official DNS servers around the world. Pharmers change the entry in a DNS server either by hacking into the system or by infecting it with a virus. Traffic is then redirected to a fake website or to a computer that records every keystroke made by the user. Several large pharming attacks have been discovered, including ones aimed at traffic going to google.com and amazon.com earlier this year.
According to the article in the Sacramento Bee, the largest pharming attack to date was directed toward Britain in December 2004. In that attack, traffic to a bank website was rerouted through a server that recorded every keystroke entered by the bank's customers. The pharmers were able to capture passwords, bank account information, user names, and other information that would allow them to steal people's identities and money.
For more information go to www.covetrix.com
Friday, October 07, 2005
Pharming Capitalizes on Phishing's Success
Voice Over Internet Protocol (VoIP) Security Risk Guidance
The ability to utilize data networks for more than internet is making its way into many financial institutions, enterprise businesses, and government agencies nationwide. Covetrix security consultants are eagerly waiting to assist your organization with the process!
The benefits of Voice Over Internet Protocol (VoIP), lower cost and increased functionality, may complicate the Risk Assessment Process. Establishing a secure VoIP and data network is a complex process that requires great effort and expertise from knowledgeable security consultants.
The Federal Deposit Insurance Corporation (FDIC) is providing guidance to financial institutions on the security risks associated with implementing VoIP. The same risks that can harm or infect Internet data networks can interfere with VoIP and cause significant operational risks to financial institutions. Exposure to viruses, worms, Trojans, and hijacking are risks that must be addressed to eliminate the possibility of privacy loss.
When an organization decides to invest in VoIP technology, the associated risks should be evaluated as part of their periodic risk assessment and discussed in status reports submitted to the board of directors. Implementation of VoIP is much more complex than utilizing data-only networks.
The National Institute of Standards and Technology (NIST) published information security standards for financial institutions to implement in conjunction with their Voice over internet protocol. For a complete list of VoIP recommendations and FDIC standards, access the complete Financial Institution Letter at FIL-69-2005.
For the complete FIL go to http://www.covetrix.com/security/portal/updates/VoIP.jsp
