While we concentrate on protecting our computers against warms, virus, Adware, and spyware, we tend to forget Pharming and Phishing. Unlike the former threats which you can deal with by installing a firewall, McAfee, Kaspersky, and other network security protection software, Pharming and Phishing prove tough to deal with. The effect of these two threats in the computer world is rapidly increasing while the effort to understand them and deal with them continues to remain unpopular. Let’s try to understand these underrated threats.
Phishing
Here is where we find those ‘genius’ guys who have learned from the concept of fishing and put it to use in the computer world. The problem is that they use it against most of us who are not up for their game. Phishing is similar to fishing in a lake only that here fish is not the target but your data and my data are.
Phishing is a con game used by scammers to retrieve important information from unsuspecting computer users. Phisher may send you an e-mail that looks like a genuine one from a legitimate website such as Amazon, PayPal, or even a banking institution. This e-mail will contain a link with a message asking you to click on it to update your information. (Up to this point if you have not suspected the mail, then you are in for a surprise). Upon clicking the link, you will be directed to a website looking exactly like the genuine website you were expecting. The website will ask you to enter your username and password. Some may ask for more details such as your full name, phone number, address, credit card number, and even social security. However, by just entering your username and password, the phisher behind the whole scam is smart enough to retrieve more information by logging into your account.
These proxy websites may seem surprisingly genuine. However, if you are keen and know to identify them, you can easily detect them. So how can you know that the e-mail and the website are not legitimate?
For one, if you have not tried to change your preferences the last time you visited the website and you receive such e-mail, then you have a strong reason to doubt it. Most of the website administrators send a mail with a link that helps you change your details when they first receive the request from you. If you would want to change your password or username or credit card information, the website admin cannot initiate this for you.
Secondly, check the URL in the address field provided and compare it with the normal URL that appears when you directly search the website from the browser. If the URL differs even with one character, this is definitely a hoax. For example, the legitimate Amazon link looks like this https://www.amazon.com/. When you see https://www.amazone.com/ you might quickly think it is similar, but check the added ‘e’ after ‘n’ in ‘Amazon.’ Just that single letter can cost you your data security. You should be very aware of this. Again, if you see the URL contains an IP address, such as 12.30.339.107 instead of the domain name, then know it is not a legitimate URL.
Learn to Avoid the Trap…
Whenever you find an e-mail that is asking you to update your information and you think it might be valid, just type the legitimate website’s URL on your browser and access the site that way. Try to match it up with the address you are clicking and if you see any difference with the legitimate URL then do not follow through with the process. Also, note that most legitimate companies will address you with your full name as indicated in their database systems. If the e-mail you receive does not address you with your full name, you have a legitimate reason to question it.
Use these tips and always be careful with unexpected e-mails from popular “corporations.”
Pharming
Pharming is another serious way cybercriminals use to manipulate other internet users. Pharming is perhaps more difficult to deal with as compared to Phishing. While Phishing attempts to lure the internet user into visiting a fake website to retrieve your personal data, pharming redirects users to fake websites without their effort or knowledge. Have you ever entered the correct URL of a legit website and still found yourself browsing a fake website? That was pharming at work.
A typical website uses a domain name for its address. However, its actual location is determined by an IP address. When you type a web address and click the search button, the domain name of the web is translated into an IP address through a DNS server. The web browser then connects to the server at this IP address and loads the data in the web page. After visiting any website, the computer stores the DNS entry for the site in a DNS cache. By keeping the DNS cache for your searches, the computer does not have to keep following the initial process of accessing the DNS servers whenever the user visits the website.
The basic principle behind the pharming process is “poisoning” the user’s local DNS cache. A cybercriminal may send you an e-mail virus that corrupts the DNS entries or even host file such that whenever you try to access a legit website whose DNS cache entry has been entered, you are redirected to another web page. For example, instead of having the IP address 17.276.3.185 direct to https://www.ebay.co.uk/ it may direct to another website.
Pharming can also poison entire DNS servers such that any user who uses the affected DNS server will be redirected to the wrong website. The good news is that most DNS servers are equipped with security features that protect them against such attacks. Still, they are not completely immune since hackers are also working continuously to gain access to them.
Pharming may not be as common as phishing. However, it poses a bigger threat since it can affect many people at once, especially, when a DNS server is modified. Therefore, when you visit a certain website and you realize that it is different from the one you are after, you are most likely a victim of pharming.
Pharming technique can also be used by advertising agencies to direct the users to the advertisement pages. This may sound like you are at a lesser risk but the fact is that your data is still not safe and someone may easily retrieve it.
Keeping yourself safe from pharming…
Do not entertain redirections of your searches. When you notice that whenever you search a web page, you automatically get directed to another site, restart your PC and clear the DNS cache to be on the safe side. You can also run an antivirus program to destroy the virus that is poisoning the DNS cache entries. You can then reconnect to the website.
In conclusion…
Phishing and Pharming are commonly used methods by hackers to access the personal data of internet users. These methods may look simple and less serious from the web user’s side but actually, they greatly threaten the privacy of the user. Now that you know, try to be more mindful especially when the above mentioned signs are present.