Phishers and Pharmers Constantly Attack Your Computer with New Twists to Their Scams

By: The Internet Safety Advocate

There are new twists on the phishing scams: Type in a legitimate web address but you are directed to a bogus site that steals your personal information. This type of scam is known as pharming. And it comes in different variations.

While phishing means sending out official-looking emails allegedly from a bank or other online business, by cybercriminals who hope to hook the unwary in an tempt to get them to visit a bogus website and type in their personal or financial data, pharming means is an attack in which a user can be fooled into entering sensitive data such as a password or credit card number into a malicious web site that impersonates a legitimate web site.

By now most users have heard about the phishing scam, but few may be aware of the new twists, the upgraded pharming scam. When unsuspecting users bite by clicking on a hyperlink in the email, they are shipped off to a bogus, but authentic-looking website, where they are asked to enter sensitive information. If they type in their passwords or account numbers, cybercriminals get that information, too.

Now phishers have been joined by pharmers, who make their scam more sophisticated by planting a seed of malicious software in the user's own computer or poisoning servers that direct traffic on the Internet. The result: You type in the correct address of a website, but the software sends you to a bogus one.

It's a rapidly growing threat and one that Internet security experts and people in the banking industry have been seeing a lot more phishing attacks rely on some gullibility of and participation by the victims. The scam is similar to the con artist games of the past, only now the game is taken to a higher level, to a technologically advanced level. But it's still the same old con game: One "smart" criminal outsmarting a gullible participant.

The cybercriminal's job: to persuade the targeted victim to click on a link within the email. However, neither of the following apparently wise choices serves as protection against a pharming attack:

* failing to click on such links, or

* deleting the email.

Here's how the scam works:

The cybercriminal rely on the fact that the word address you use, such as, is connected to a distinct numerical address, like a browser to the right website. Pharming replaces the number with a fraudulent one, sending you to a criminal site instead of the real one.

Besides keeping antivirus and antispyware programming up to date on their personal computers, users have few other ways to defend themselves from pharming. However, any site that conducts financial transactions should be able to maintain a secure Web site, Internet security experts say. The corner of the browser should display a padlock symbol, and the address in the address bar should begin with "https," not simply "http". To determine if you're at the real site, click on the lock symbol and make sure it displays the address you expect.

Another kind of pharming, sometimes called "domain spoofing", "domain poisoning", or "cache poisoning". These are attacks poison the servers that route traffic around the Internet. These so-called domain-name system (DNS) servers also link the word address to its underlying numerical address. To corrupt a DNS takes significantly more expertise and more access than attacking personal computers, says Peter Cassidy, secretary-general of the Anti-Phishing Working Group. That's why cybercriminals first will try to get into individual computers.

Personal computers are the low-hanging fruit that the cybercriminals will attack in their initial attempt, but they've been known to try anything that works. Some servers are hard to crack, but others may be easy because they don't keep their defenses up-to-date.

Unlike the traditional landline telephone system, which was built from the outset to be a commercial enterprise, the Internet was designed to make sharing of information between scholars and researchers fast and easy, not to secure financial transactions.

As the internet continues to evolve, new layers of security continually must be added because cybercriminals are constantly probing for weak points.

The Anti-Phishing Working Group reports that the number of new phishing messages rose by an average 38% per month in the last six months of 2004. And pharming was one of the top five Internet scams in March 2005, says a recent report from the National Cyber-Forensics & Training Alliance, a nonprofit arm of the Direct Marketing Association. Internet fraud in general, which includes phishing and pharming, cost merchants $2.6 billion in 2004, $700 million more than in 2003, according to CyberSource, which processes Internet financial transactions.

One pharming technique is to flood the DNS server with messages to trick it into saving false information that will send users to a bogus site. Then in many cases the cybercriminals try to bounce you back to the real bank's website, so that you're not aware that anything has happened.

Phishers and pharmers set up their fake Web sites for only a few days or even a few hours, and then move on before they can be found out.

But even if cybercriminals can't get at your personal computer or the DNS server, they can always hope that you just can't spell. For example, a malicious Web site had been set up at, just one keystroke away from the famous and legitimate site. Users who accidentally go to the bogus site using the popular Internet Explorer browser immediately will find their personal computers inundated with spyware, adware, and other malicious software that tried to secretly load itself onto them.

Before long, the bogus site will disappear. This scamming technique isn't new. Similar attack sites have been created just-a-slip-of-the-finger away from popular and legitimate sites such as, and

The cybercriminals behind the malicious sites can be operating in secrecy anywhere in the world from South Korea to Brazil to Russia. The personal computer operating the site could be a zombie computer, one being remotely controlled without the user's knowledge.

To protect yourself, you need an Internet security team of experts making sure that you, your family, and your business computer are always safe and secure. The best protection you can have in today's rapidly changing world of cyber-attacks is to have expert support for all your Internet security needs that will provide technical support without any hassles and without charging you extra fees. It will become even more critical than it is today as time goes on. You need to find your own personal team of experts to rely on. If you ever have a security problem, you will want to have a trusted expert you can call for professional help, without any hassles and extra costs!

Because cybercriminals are becoming smarter and more sophisticated in their operations, they are real threats to your personal security and privacy. Your money, your computer, your family, and your business are all at risk. These cybercriminals leave you with three choices:

1. Do nothing and hope their attacks, risks, and threats donít occur on your computer.

2. Do research and get training to protect yourself, your family, and your business.

3. Get professional help to lockdown your system from all their attacks, risks, and threats.

Remember: When you say "No!" to hackers and spyware, everyone wins! When you don't, we all lose!

© MMVII, Etienne A. Gibbs, MSW, The Internet Safety Advocate and Educator

Article Directory:

| More

Etienne A. Gibbs, Independent Internet Security Advocate, consults with individuals, small business owners, and home-business entrepreneurs regarding online protection against spyware, viruses, malware, hackers, and other cybercrimes and pc-disabling issues. For more information, visit

Please Rate this Article


Not yet Rated

Click the XML Icon Above to Receive Security Articles Articles Via RSS!

Powered by Article Dashboard