Content

Phish Pharming bad for user’s wealth

Share

The next generation of phishing attacks will maliciously redirect users to bogus web sites when they try to visit legitimate sites, email security firm MX Logic warned.

Dubbed "pharming" by MX Logic, the new attacks use malware or DNS cache poisoning to redirect users to fake sites in an attempt to steal personal data. Unlike phishing, they will not rely on end users clicking on a link in an email.

"Because there's no social engineering to it, even the most advanced user can get caught in this," said Shaun Bryant, MX Logic director of threat management.

No one has put together all the necessary parts for a pharming scam but attackers likely will use a worm or a bot network to unleaseh a large-scale attack eventually, he said.

Any operating system or browser is susceptible, Bryant added.

Prevention will require an industry solution rather than something end users can do, he said. Two-factor authentication or an authentication scheme for web sites that is similar to email authentication protocols are possible solutions.

"Mostly what needs to be done is information. People need to realize that any infomraiton they move over the internet can be insecure," Bryant said.

Pharming appears to be a variation of a few things combined together and could be one way phishing evolves, said Vincent Gullotto, vice president of AVERT, McAfee's research division.

"The phishing element, which is pretty strong now, may not sustain itself in the present guise. It may not look the same later this year and this may be some variation," he said.

For example, a user could simply launch a browser, which an attacker has already hijacked via a vulnerability or Trojan that works in the start file or host file to take a user to a site, he said. "And you never did anything except maybe launch a piece of adware."

www.mxlogic.com

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.