Sunday, March 20, 2005

Pharming fraud, when do we start throwing cyber crooks in jail?

Monitrotran points to Pharming - a new technique for Internet fraud:

Basically, pharming involves interfering with the name resolution process on the Internet. When a user enters an address (such as www.pandasoftware.com) this needs to be converted into a numeric IP address such as 62.14.63.187. This is known as name resolution, and the task is performed by DNS (Domain Name System) servers. These servers store tables with the IP address of each domain name. On a smaller scale, in each computer connected to the Internet there is a file that stores a table with the names of servers and IP addresses so that it is not necessary to access the DNS servers for certain server names.

Pharming consists of modifying the name resolution system, so that when a user thinks he or she is accessing a bank's web page, he or she is actually accessing the IP of a spoofed site.
Phishing owed its success to social engineering techniques, but not all users take the phishing bait, and so this success was limited. Also, each phishing attack was aimed at one specific type of banking service, further reducing the chances of success. Pharming, on the other hand, can affect a far greater number of online banking users.


By failing to prosecute spammers when the practice first emerged (and almost all spam is attempted fraud, so there was no need for new legislation) we encouraged the spread of these practices.
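
The quoted description mentions the local file on each computer that maps server names to IP addresses without consulting DNS. As an added example (not part of the original post or the quoted article), this Python sketch audits the contents of such a hosts file for static entries covering domains that should only ever resolve through DNS. The watched domain, the sample file and its addresses are constructed for illustration.

```python
import ipaddress

# Constructed sample hosts file; names and addresses are illustrative only.
SAMPLE_HOSTS = """\
# local overrides
127.0.0.1   localhost
::1         localhost
203.0.113.7 www.examplebank.test examplebank.test   # constructed tampered entry
0.0.0.0     ads.tracker.test
192.0.2.10  intranet.corp.test
bad line here
"""

# Hypothetical watch list: domains that should never have a static local entry.
WATCHED = {"examplebank.test"}

def parse_hosts(text):
    """Yield (line number, ip, [names]) for each well-formed hosts entry."""
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()   # drop comments
        if not line:
            continue
        fields = line.split()
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                          # not an address: not a usable entry
        if len(fields) > 1:
            # Normalise case and a trailing dot so variants compare equal.
            yield lineno, ip, [n.lower().rstrip(".") for n in fields[1:]]

def is_watched(name, watched):
    """True if name is a watched domain or a subdomain of one."""
    return any(name == d or name.endswith("." + d) for d in watched)

def audit_hosts(text, watched=WATCHED):
    """Return (line number, name, ip) for every entry that overrides DNS
    for a watched domain, whatever address it points to."""
    return [(lineno, name, str(ip))
            for lineno, ip, names in parse_hosts(text)
            for name in names if is_watched(name, watched)]

if __name__ == "__main__":
    for lineno, name, ip in audit_hosts(SAMPLE_HOSTS):
        print(f"line {lineno}: {name} pinned to {ip}, bypassing DNS")
```

To check a real machine, pass the text of its hosts file (for example /etc/hosts) to audit_hosts along with the list of domains you care about.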
