"pharming" - GoFuckYourself.com

jimmyf · 04-21-2005, 06:20 AM

Don't know if anything has been posted about this yet.

It's the next Internet scam, and it could be the most menacing.

The reason: Even experienced Internet users can become victims and not know it.

The ploy is called "pharming" - a play off "phishing," the last Internet fraud - and it involves highly skilled hackers who secretly redirect users' computers from financial sites to the scammers' fake ones, where they steal passwords and other personal information. Even the Web address looks the same.

Unlike phishing, where users click on links in e-mails and are taken to fake sites, pharming intercepts a user on his or her way to the bank or a credit-card firm. And it potentially can affect thousands of users at a time.

"With pharming, you don't have to do anything stupid to get on the hook," said Tom Leighton, chief scientist of Internet software firm Akamai Technologies Inc. in Cambridge, Mass. "You're just swimming along and you get caught in the net."

Banks in Arizona are starting to see the problem, and large members are familiar with the scam, said Tanya Wheeless, president and chief executive of the Arizona Bankers Association. The Arizona Attorney General's Office said it heard of a case last month in which a Phoenix man lost $5,000 from his bank account after answering an online pop-up survey that purported to be from his bank.

It is just a matter of time before the scam becomes widespread, experts fear.

"If it didn't get worse, it would buck the trend of all known security problems," said David Jevans, a Silicon Valley executive who is chairman of the fraud-fighting Anti-Phishing Working Group.

The scam is so new that Internet security gurus have just started warning about it.

Akamai's Leighton told a technology conference in Phoenix in December that hackers were targeting small sections of the Internet and re-routing traffic to fake bank sites to capture users' passwords. The legitimate sites don't notice the drop in Web traffic, because it is just a fraction of the total, he said.

An anti-phishing bill introduced in Congress last month would also apply to pharming. It calls for prison time and fines for those caught phishing or pharming.

Pharmers have two main ways they operate, attacking either users' computers or the large servers that find Web sites for users, security experts say.

Project-Shadow · 04-21-2005, 06:32 AM

Simple solution would be to fix the BIND exploit, or prevent servers from getting hints and having to directly obtain data. But of course.. that would require work, so who cares, it's time for an epidemic of bank-fraud and hacked accounts =/

Doc911 · 04-21-2005, 06:32 AM

Hold up a minute...

I think I left my cane pool on the tractor.

04-21-2005, 06:20 AM	#1
jimmyf OU812 Join Date: Feb 2001 Location: California Posts: 12,651	"pharming" Don't know if anything has been posted about this yet. It's the next Internet scam, and it could be the most menacing. The reason: Even experienced Internet users can become victims and not know it. The ploy is called "pharming" - a play off "phishing," the last Internet fraud - and it involves highly skilled hackers who secretly redirect users' computers from financial sites to the scammers' fake ones, where they steal passwords and other personal information. Even the Web address looks the same. Unlike phishing, where users click on links in e-mails and are taken to fake sites, pharming intercepts a user on his or her way to the bank or a credit-card firm. And it potentially can affect thousands of users at a time. "With pharming, you don't have to do anything stupid to get on the hook," said Tom Leighton, chief scientist of Internet software firm Akamai Technologies Inc. in Cambridge, Mass. "You're just swimming along and you get caught in the net." Banks in Arizona are starting to see the problem, and large members are familiar with the scam, said Tanya Wheeless, president and chief executive of the Arizona Bankers Association. The Arizona Attorney General's Office said it heard of a case last month in which a Phoenix man lost $5,000 from his bank account after answering an online pop-up survey that purported to be from his bank. It is just a matter of time before the scam becomes widespread, experts fear. "If it didn't get worse, it would buck the trend of all known security problems," said David Jevans, a Silicon Valley executive who is chairman of the fraud-fighting Anti-Phishing Working Group. The scam is so new that Internet security gurus have just started warning about it. Akamai's Leighton told a technology conference in Phoenix in December that hackers were targeting small sections of the Internet and re-routing traffic to fake bank sites to capture users' passwords. The legitimate sites don't notice the drop in Web traffic, because it is just a fraction of the total, he said. An anti-phishing bill introduced in Congress last month would also apply to pharming. It calls for prison time and fines for those caught phishing or pharming. Pharmers have two main ways they operate, attacking either users' computers or the large servers that find Web sites for users, security experts say. __________________ Epic CashEpic Cash works for me Solar Cash Paysite Plugin Gallery of the day freesites,POTD,Gallery generator with free hosting

04-21-2005, 06:32 AM	#3
Doc911 Confirmed User Join Date: Feb 2004 Location: If i was up your ass you'd know Posts: 3,695	Hold up a minute... I think I left my cane pool on the tractor. __________________ For PHP/MySQL scripts ICQ 161480555 or email [email protected]

04-21-2005, 06:32 AM	#2
Project-Shadow Confirmed User Industry Role: Join Date: Feb 2003 Posts: 7,340	Simple solution would be to fix the BIND exploit, or prevent servers from getting hints and having to directly obtain data. But of course.. that would require work, so who cares, it's time for an epidemic of bank-fraud and hacked accounts =/