November 2005 Issue

Phishing and Pharming Attacks Can Harm Your Company
By Lance Cottrell

A dramatic one-two punch—in the form of phishing and pharming attacks—continues to plague businesses, government agencies and individuals. As these threats evolve, unsuspecting consumers and organizations need to take proactive steps to stay ahead of increasingly sophisticated attacks.

Most pundits advise users to make sure their systems have updated anti-virus, anti-spyware and firewall software installed and active. That’s good advice, but it doesn’t negate today’s latest threats. “You can’t apply a 1990s approach to today’s Internet security issues,” asserts Ed Golod, president of Revenue Accelerators, a consulting firm in New York that assists business and technology executives with strategic planning.

Current and Future Threats
Phishing and pharming are terms that describe how hackers gather and leverage personal information over the Internet, typically for financial gain. The typical phishing incident involves a fraudulent e-mail sent to thousands of potential victims. The message—allegedly from an ISP, online store or bank in most cases—typically urges users to update online passwords or share financial information. The message includes links to fraudulent Web sites that look legitimate (e.g., imitations of eBay.com, Amazon.com, etc.). From there, site visitors are tricked into sharing login information, and the hackers are free to exploit users’ legitimate accounts. Pharming, by contrast, takes phishing to the next level by infiltrating DNS servers and automatically redirecting users to counterfeit Web sites. There, identity thieves can harvest users’ personal information for financial gain.

“We’re all familiar with worms and viruses that have annoying symptoms and side effects,” Golod says. “Phishing and pharming are more sinister because they are for-profit hacker attacks.”

Indeed, phishing and pharming schemes don’t discriminate, targeting everyone from corporate executives with high-net-worth investment accounts to students with eBay accounts. “We’re constantly educating our students about the risks,” says Jill Cherveny-Keough, director of academic computing at New York Institute of Technology (NYIT). “Fortunately, our students haven’t been victimized, but the number of attempted attacks seems to be escalating every month.”

Those who fall victim to phishing and pharming schemes often pay a steep price. Illegal access to checking accounts, often gained via phishing scams, is the fastest growing form of consumer theft in the United States, accounting for a staggering $2.4 billion in fraud over the past year, according to Gartner Inc., the Connecticut-based research firm.

Unfortunately, neither novice users nor Internet experts can distinguish a legitimate Web site from a fraudulent one just by looking at the content of the site. In fact, the URL and the fraudulent site itself will most likely look legitimate to all visitors.

Taking a Stand
Still, there’s no need to panic. Savvy organizations leverage policies, procedures and progressive technologies to minimize their exposure to phishing and pharming risks.

For starters, organizations should communicate regularly and openly about Internet threats. Many government organizations and colleges, for instance, have intranet and public security sites that describe online threats and countermeasures. The University of Tennessee’s IT Security Group, for one, offers a wealth of timely information to the university’s user community (see http://www.utmem.edu/comp/ITSecurity/). Similarly, NYIT communicates security alerts via e-mail and memos to all staff, faculty and students, whenever necessary.

Many organizations now distribute monthly e-mails and quarterly voice messages that remind users to visit an intranet site for updated security information. Progressive organizations also have written e-mail and Internet usage policies that all employees must read and sign (typically on an annual basis), beginning with their first day on the job.

“Written HR policies are critical,” Golod says. “People have a habit of throwing more and more technology at an IT problem. But the best defense involves a mix of timely policies and practical technologies.”

Indeed, individuals and organizations should continue to embrace and deploy anti-virus software and personal firewalls on all systems. If spyware, worms or viruses somehow manage to circumvent a system’s anti-virus software, the personal firewall will, in most cases, block the rogue software from communicating with other systems. Moreover, the corporate network should include endpoint security software that ensures PCs and notebooks have the appropriate software and security updates in place before permitting network connectivity. This approach isolates potential problems before rogue software can attempt to reproduce unchecked across corporate systems.

Powerful Options to Combat ID Theft and Phishing
In addition to traditional security software, progressive technology companies have designed next-generation products that safeguard users from host file phishing and pharming. Host file phishing attacks are the most dangerous form of phishing because victims have no idea they are being tricked into going to a fake site. Suppose you are the unsuspecting recipient of a phishing e-mail. When you open the message, or view it in a preview pane in programs like Microsoft Outlook, a phishing program script hidden inside the e-mail then runs in the background. The program goes to the host file located within your computer's operating system, locates your bank’s legitimate web address, such as www.citibank.com, and replaces the bona fide Internet Protocol (IP) number with an IP number for the criminal’s fraudulent site. The next time you enter your bank’s legitimate web address, such as www.citibank.com, in your web browser, you will automatically be sent to the criminal's fraudulent site.
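A defender can check for the host file tampering described above by auditing the file for entries that override DNS. The script below is an added example, not part of the original article: the baseline name list, the severity labels and the sample file contents (including the documentation-range IP addresses) are assumptions constructed for illustration.

```python
import ipaddress

# Names a stock host file normally defines (assumed baseline, adjust per OS).
BASELINE_NAMES = {"localhost", "localhost.localdomain", "ip6-localhost",
                  "ip6-loopback", "broadcasthost"}

def parse_hosts(text):
    """Yield (line_no, ip, hostname) for every mapping in host-file text."""
    for line_no, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()      # drop trailing comments
        fields = line.split()
        if len(fields) < 2:
            continue                             # blank or incomplete line
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                             # not an address, not a mapping
        for name in fields[1:]:                  # one line may carry aliases
            yield line_no, ip, name.lower().rstrip(".")

def audit_hosts(text, watched=()):
    """Return (severity, line_no, name, ip) for entries that override DNS."""
    watched = {w.lower() for w in watched}
    findings = []
    for line_no, ip, name in parse_hosts(text):
        if name in BASELINE_NAMES:
            continue
        if name in watched:
            severity = "high"      # a protected site is pinned to a local entry
        elif ip.is_loopback or ip.is_unspecified:
            severity = "info"      # typical sinkhole/blocklist entry
        else:
            severity = "review"    # any other static override of DNS
        findings.append((severity, line_no, name, str(ip)))
    return findings

# Constructed sample contents; line 4 imitates the tampering described above.
SAMPLE_HOSTS = """\
127.0.0.1   localhost
::1         localhost ip6-localhost
0.0.0.0     ads.example.net        # sinkhole
203.0.113.25  www.citibank.com     # constructed tampered entry
198.51.100.7  intranet.example.org
"""

if __name__ == "__main__":
    for finding in audit_hosts(SAMPLE_HOSTS, watched=["www.citibank.com"]):
        print(*finding)
```

In practice the text would be read from the system's host file and the watched list would hold the banking and login sites the organization's users rely on.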

To safeguard against such fraud, innovative software can protect users’ identity and route all Internet traffic through protected DNS servers, which are secured from all known instances of host phishing and pharming attacks. Moreover, trusted Web browser add-ons can intercept browser requests before delivering the requested page to the end user. In this example, the user’s host file is never accessed, so the user is protected from potential attacks.

This type of protection is not to be confused with anti-virus software, which requires users to download software updates that block the latest worm and virus threats. Rather than “keeping up” with increasingly sophisticated new virus strains—a common approach in the anti-virus software world—you can actually add a proactive layer of defense that shields computers and users and keeps them several steps ahead of even the most clever and unscrupulous new methods of phishing and pharming. This can also protect against other forms of Internet fraud, hacking, spying and snooping. Specifically, you want software that creates an encrypted path between users’ computers and the Internet, then routes Internet traffic through protected DNS servers. The software would then intercept all browser requests before returning the pages to the end user. Because the user's host file is never accessed, people are protected.

Organizations and individuals who don’t implement these safeguards could lose a bundle. After all, it no longer takes an Internet expert to launch phishing or pharming attacks. Today, even Internet novices can leverage widely available online tools to build fraudulent Web sites, generate mass mailings and launch digital attacks. As a result, thousands of unsuspecting users continue to hand over their personal information as they surf fraudulent versions of eBay.com, Paypal.com and other online destinations. “It seems like no matter how much education you offer Internet users, someone has a lapse of judgment, clicks on a fraudulent link or opens an infected file attachment,” notes Cherveny-Keough.

That’s for sure. By the close of 2004, more than 30,000 zombie computer networks were infected with worms and viruses that could hijack user systems and steal personal information, according to Richard Clarke, the former security advisor to the President of the United States. Without proper safeguards in place, successful phishing and pharming attacks could continue to skyrocket.

Consider yourself warned.

About the Author:
Lance Cottrell is president and founder of Anonymizer Inc., a software company that specializes in online privacy and identity protection. He can be reached by e-mailing Lance@anonymizer.com.
