Phishing, Pharming, and Vishing

Abstract

Dr (2008) explained that the term phishing comes from the fact that scammers are fishing for users in order to commit their scams over the internet. Phishing attacks use malicious websites or emails to solicit personal or financial information: the attackers usually send an email that pretends to come from a reliable source (e.g. a financial institution or a reputable credit card company) and that asks for personal or account information. Most phishing emails contain exciting statements and a sense of urgency that pushes victims to reply. The damage phishing can cause an individual ranges from losing money to being unable to access an email account. The Anti-Phishing Working Group (APWG) is a group that brings together the businesses and organizations affected by phishing attacks in an effort to provide the security and the security tools required to prevent such attacks.

Anthony (2010) explained that pharming is a newer form of phishing, in which scammers redirect users, without their consent, to a bogus website that looks legitimate, so that the username and password for the legitimate site are captured by the bogus site. Other information that can be captured includes credit card and bank account details, which are used to commit identity theft. An unprotected DNS server can be hijacked and users’ traffic redirected to a bogus site where scammers can obtain passwords, login names, PINs, and account numbers. A website is normally addressed by its domain name; a DNS server translates that name into an IP address, and the web browser connects to the site via that IP address and loads the web page data. The DNS entry for a visited site is usually stored in the user’s DNS cache so that the DNS server does not have to be queried every time the user requests the site. One method used in pharming is to poison the user’s local DNS cache via an emailed virus that modifies the DNS cache entries.

Vishing is another form of electronic fraud in which users reveal personal and financial information to an unauthorized entity. Vishing works in the same way as phishing; however, instead of happening over the internet, the scam takes place using voice technology: an email tells the user to call a phone number, or the user receives a voicemail asking them to call a number, where a representative obtains personal and banking information that can be used online to steal identity and money (Ollmann, 2007).

Web scams

Dr (2008) explained that while a phishing email can look reliable and very convincing, there are several signs individuals should look for. Some of these signs are:

  • Unsolicited email usually includes links that can direct the user to a bogus site where information can be stolen and spyware (malware) can be installed on the user’s machine.
  • Most phishing emails urgently seek information from users, stating that the individual’s account will be suspended or a credit card deactivated, and that providing the information will avoid the suspension.
  • The email tries to show authenticity by containing the logo of the financial institution.
  • Phishing emails usually express concern about phishing emails, since phishers are trying to gain the user’s trust.
  • Most links in a phishing email hide their real destination, which directs the individual to an unsecure webpage that asks for a username and password.
  • A survey email that asks for personal information.
  • An email that asks the individual to verify, confirm or refresh account information such as billing or credit card information.
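Several of the signs above can be checked mechanically. The following is an added example, not code from the original article or its sources: it scans the HTML body of a message for links whose visible text names a different host than the real destination, for unencrypted links, and for urgency wording. The phrase list and the sample message are constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Phrases modelled on the "urgent request" signs listed above (constructed list).
URGENCY = ("suspended", "deactivated", "verify your account", "confirm your account")

class LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def shown_host(text):
    """Host name displayed in the link text, if the text starts like a URL."""
    m = re.match(r"(?:https?://)?([a-z0-9-]+(?:\.[a-z0-9-]+)+)", text.lower())
    return m.group(1) if m else None

def phishing_signs(html):
    findings, parser = [], LinkCollector()
    parser.feed(html)
    parser.close()
    for href, text in parser.links:
        url = urlparse(href)
        real, shown = (url.hostname or "").lower(), shown_host(text)
        # The link hides its real destination behind a different displayed host.
        if shown and real and shown != real and not real.endswith("." + shown):
            findings.append(f"link text shows {shown} but goes to {real}")
        if url.scheme == "http":
            findings.append(f"unencrypted link to {real}")
    body = re.sub(r"<[^>]+>", " ", html).lower()
    findings += [f"urgency phrase: {p}" for p in URGENCY if p in body]
    return findings

# Constructed sample message; example.com and example.net are reserved names.
SAMPLE = ('<p>Your account will be suspended. Please verify your account at '
          '<a href="http://login.example.net/bank">www.example.com</a></p>')
```

A message that triggers none of these checks is not thereby safe; the checks only surface the signs listed above so that a person or a mail filter can weigh them.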

Since pharming can take place via an email virus that changes the DNS cache on the user’s computer, one step to eliminate such an attack is to refresh the DNS cache by restarting the infected computer, and also to run an anti-virus program to eliminate the problem. If the problem remains, the ISP’s DNS server might have been pharmed by hackers and needs to be corrected (Muller, 2010).

Cox (2005) explained that as internet users became wiser to phishing scams, phishing emails, and spam emails, vishing no longer directs users to websites; instead, they receive emails with a phone number to call, where a representative asks for account and identity information that can be used to steal money and identity.

Network and client solutions

Webroot (2004) explained that, from the user’s perspective, it is always important to exercise due diligence to avoid online scams that use phishing methods. Some of the rules that need to be followed are:

  • Personal information should not be provided in response to any unsolicited request for information. The only sites that can be trusted with any personal information are those that have “https” in the web address.
  • Passwords used online should be complex, and questionable websites should be avoided.
  • Antivirus, anti-spyware and firewall software are essential tools for protection.
  • Activate the phishing-protection feature available in most browsers so that it examines sites the individual visits or reaches via a link in a phishing email.
  • It is important for any individual to understand that reputable organizations do not contact their customers by email asking for personal information, which they usually already hold in order to provide their services.
  • The success of a phishing attack is determined by the level of awareness the user has about phishing and online scams.
  • Users should install anti-pharming tools for web browsers and ensure that the firewall is up and running at all times (Gerber, 2008).

Anthony (2010) explained that businesses and organizations should protect their network infrastructure by implementing high levels of encryption and by providing security certificates to protect personal information where encryption is implemented. Users should also be wary of any unsolicited or unexpected request that leads to a URL other than the legitimate site. In addition, ISP networks and organizations’ servers can be hijacked and the DNS server pharmed to redirect users to a bogus website, in order to obtain clients’ information and affect business continuity. It is important for the network to implement the right tools (e.g. anti-virus and anti-spyware software) that can eliminate such attacks.

Muller (2010) explained that to prevent pharming, the system should be protected by a capable anti-virus program (e.g. Webroot antivirus) that can protect the system from unauthorized alterations of the hosts file. Patching computers and systems with automatic security updates is another important step in preventing pharming attacks. However, pharming attacks can be more sophisticated when they target a DNS server, and little can be done to avoid such an attack, since the ISP is responsible for maintaining that information. Many anti-virus programs are also capable of alerting users when they land on phishing or pharming sites, and visiting a site with “https” in the URL not only encrypts the data sent over the network but also authenticates the site against pharming and phishing. Other steps that any organization should take toward preventing pharming are:

  • Digital certificates – A website that uses digital-certificate authentication within an organization’s infrastructure is hard to spoof.
  • Domain name management – Businesses and organizations should manage their domain names by ensuring that they are renewed periodically and by investigating possible domain name duplicity. Domain locks must also be used to prevent unauthorized domain slamming.
  • DNS poisoning – Organizations and businesses should investigate any anomalies affecting their website so that any DNS poisoning attack is addressed promptly.
  • Anonymous proxy servers used to hide the identity of the IP address can be infected, so that the user ends up visiting a spoofed site; such attacks should therefore be investigated periodically (Cuadra, 2005).
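The hosts file mentioned above is consulted before DNS, so an unauthorized entry there redirects a domain without touching any DNS server. The following added example (not from the original article or from any anti-virus product) audits hosts-file text for entries that override a watched domain; the watched domain list is an assumption supplied by the caller, and the sample file is constructed using reserved documentation names and addresses.

```python
import ipaddress

def parse_hosts(text):
    """Yield (ip, hostname) pairs from hosts-file text, skipping comments."""
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) < 2:
            continue
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # malformed line, not an address mapping
        for name in fields[1:]:
            yield ip, name.lower().rstrip(".")

def audit_hosts(text, watched):
    """Return (hostname, ip) for every entry that overrides a watched domain.

    `watched` holds domains the user logs in to (assumption: chosen by the
    caller). A legitimate hosts file has no reason to pin such a domain, so
    any entry for it, or for one of its subdomains, is reported.
    """
    findings = []
    for ip, name in parse_hosts(text):
        if any(name == d or name.endswith("." + d) for d in watched):
            findings.append((name, str(ip)))
    return findings

# Constructed sample hosts file; the fourth line models an unauthorized alteration.
SAMPLE_HOSTS = """\
127.0.0.1     localhost
::1           localhost ip6-localhost
# 198.51.100.7 bank.example.com   (commented out, ignored)
203.0.113.10  bank.example.com www.bank.example.com
0.0.0.0       ads.example.net
"""

if __name__ == "__main__":
    for name, ip in audit_hosts(SAMPLE_HOSTS, {"bank.example.com"}):
        print(f"hosts file overrides DNS for {name} -> {ip}")
```

To audit a real machine, pass the contents of `/etc/hosts` (or `C:\Windows\System32\drivers\etc\hosts` on Windows) as `text`.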

Conclusion

Phishing is a cyber-crime that creates a copy of an existing legitimate web page in order to trick individuals into providing sensitive information. Phishing is usually done with email spam, where millions of emails are sent to phish for personal information. It is imperative to examine the claims made within the email by checking their authenticity with the actual source of the service. With phishing, the scammer is usually looking to gain access to the individual’s personal information, or to obtain the individual’s username and password for an online banking site or other service sites the individual uses (SearchSecurity.com, 2000).

Pharming is a new wave of phishing in which individuals are redirected from the legitimate site to a bogus site that obtains information such as credit card information, account information, and usernames and passwords (Muller, 2010).

Finally, vishing is difficult to trace, and with many services outsourced to other countries it is harder to investigate and detect. Consumers should therefore always be suspicious of unsolicited messages and investigate the source of the service to make sure that the call is legitimate. It is also important for consumers to know that caller ID numbers can be faked to show a legitimate service provider, in order to obtain information from the user that can later be used online to steal identity and money (Ollmann, 2007).

References

Anthony, M. (2010) What is Pharming and How to Avoid Pharming [Online]. Available from: http://hubpages.com/hub/what-is-pharming (Accessed: 11 December 2010).

Cox, D. (2005) What is Vishing? [Online]. Available from: http://www.smellsphishytome.com/what-is-vishing/ (Accessed: 11 December 2010).

Cuadra, F. (2005) Pharming – a new technique for Internet fraud [Online]. Available from: http://www.crime-research.org/news/07.03.2005/1015/ (Accessed: 11 December 2010).

Dr (2008) What is Phishing – A Real Life Example [Online]. Available from: http://www.doughroller.net/money-management/phishing-scam-email/ (Accessed: 11 December 2010).

Gerber, L. (2008) Pharming Attacks Are on the Rise [Online]. Available from: http://www.pc1news.com/news/0241/pharming-attacks-are-on-the-rise-.html (Accessed: 11 December 2010).

Muller, M. (2010) What is Pharming? How to protect from pharming and phishing [Online]. Available from: http://www.brighthub.com/computing/smb-security/articles/46666.aspx (Accessed: 11 December 2010).

Ollmann, G. (2007) The Vishing Guide [Online]. Available from: http://www.windowsecurity.com/whitepapers/Vishing-Guide.html (Accessed: 11 December 2010).

SearchSecurity.com (2000) Phishing [Online]. Available from: http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci916037,00.html (Accessed: 11 December 2010).

Webroot (2004) Phishing Scams [Online]. Available from: http://www.webroot.com/En_US/csc/computer-security-threats-phishing.html (Accessed: 11 December 2010).
