Member |
We've talked about phishing before, but have you heard of pharming? Apparently it uses fake websites to rip off consumers like phishing, but it also implants malicious software on the victim's PC that sends the consumers to a bogus site, even if they type in a correct address. The article said that in another twist on phishing, consumers are directed to bogus sites loaded with programs that spy on keystrokes and cut and paste actions. Does anyone know if this is also called pharming, or is there another name for it? The technical terminology is just exploding! | ||
|
| Member |
I'd never heard of it. But Wikipedia has a short article about pharming. The Columbia Encyclopedia has another definition, and the AHD has a shorter version. Tinman | |||
|
| Member |
Despite having a Firewall and a Virus Checker and AdAware, one of my American friends on the other Forums I belong to was a victim of something like that. No matter what URL he typed in, he kept being redirected to a porn site  . It took him several days and a lot of hard work to get back to normal again . | |||
|
Member |
An unfortunate word, because pharming is well-established as meaning pharmaceutical farming. I would suppose the hacker substitution of ph for f originates from phreaking, that is phone freaking, then took on a life of its own to indicate any kind of freaking or cracking attack. I was rather hoping my combination of firewall, antivirus, and antispyware would keep me safe. I'm not sure how they can download malware onto me in the face of that (unless of course it's newer than your latest update). But I read about DNS poisoning a couple of weeks ago: with that, you don't need any malware on your machine, but your correctly operating software is redirected by an external deception. It might be useful to find and keep some direct IP addresses (i.e. the strings of numbers) for sites you need to be sure of. A recent discussion at Freedom to Tinker discusses some technicalities of how it works and what if anything can be done | |||
|
| Member |
Interesting article, aput. I have always been leery of putting my information into the computer, but it seems as though the problem here is that you have to enter your information either in an e-mail or from a link in an e-mail. I have always wondered...do IP addresses stay the same? Let's say that I am posting from my office laptop. Will I have a different IP address on that as I do when I use my home computer? Or the library computer? | |||
|
| Member |
No, they don't. I have Moderator privileges on the other Forums I belong to and one of them is that I can see IP addresses, including my own. I've noticed that my IP address (even though I only use my home computer because I don't have a laptop and I don't go out to work) changes markedly. Sometimes the sequence starts with 81 (which it is now) and sometimes it switches to 217 or 237. I chat to an American friend in ICQ or Yahoo! Instant Messenger and sometimes we get disconnected when the IP of one or other of us suddenly changes. | |||
|
| Member |
I think if you have a broadband connexion at home, that's permanently on so would need a fixed IP address. (But I stand to be corrected.) A home user dialling up through an ISP is just assigned some currently vacant address from a block the ISP owns. In my case this expires after two hours of connexion. It redials immediately, but the address is different. So, one's own address is of no value, unless you know you've got a permanent one. The reason they're reluctant in that article to advise people to use IP addresses for banks is that e-mail phishing usually uses them for redirection. The e-mail says to please validate your details at trustybank.com but hovering the cursor over it shows an IP address in the status line, thus: trustybank.com?makenicenadsafe.asp. (Don't click: I have no idea where it'd go.) | |||
|
Copyright © 2002-12