« New Sober Variant Seen | Main | CipherTrust: 157,000 New Zombies Every Day »

April 19, 2005

Pharming: the Latest Scam

In a play on words on "phishing", the practice of suckering victims into giving up their personal financial information via forged HTML email, it seems the latest scam is being referred to as "pharming". It's difficult to tell from the article, but it seems to involve hijacking the DNS resolvers of vulnerable systems by the usual virus/worm infection routes, then directing unsuspecting customers to fake Web sites that are difficult to tell from the real banking sites.

Perhaps the best way to catch these scams is to carefully monitor whether your bank site is secured via SSL (check the Location: field in the browser for "https" or various other signals, such as a blue padlock). The browser vendors are already coming under fire for not tracking their user's histories to provide a notice such as "the last time you visited suchandsobank.com it was via a secure channel - do you want to proceed?" (via interesting-people)

Posted by schampeo at April 19, 2005 7:18 PM

Search Blog

Browse

• Archives
• Categories
  • antispam in practice
  • consortiae
  • gripes
  • history
  • legal
  • news
  • privacy
  • project
  • security
  • spammers
  • studies and statistics
  • tactics
  • tools
  • viruses and worms

Feeds

• RSS
• ATOM

• Classifications
• News
• Request Eval