Wednesday, March 4th, 2009...12:55 pm

Don’t Get Phished or Pharmed!

Jump to Comments

By Scott Gupton
Computer Engineering Teacher, New Bern High School

Just last month a good friend was the victim of ID theft.  They are still cutting up cards and on the phone for hours trying to fix the problem.

Take a look at this PDF file - a very good example of a “Phishing” site.  It is very rare to capture good screen shots of such scams.  I am working on a graduate certificate in Information Security and I was able to gain access to it via one of my classmates.

This scam has been around for years, but people still fall for it most of the time.  Most of us (including me) do not look at the “address” bar of sites that we visit.  The “perps” know this and take full advantage of it.

Tip? Always take an extra second to read the URL (web address) to verify that it is legit.  And never trust an Email from banks, the IRS, investment brokers, etc., etc.  Yes they will send you promotional emails, but they will never (usually) request usernames, passwords, social security numbers, etc.  If you’re not sure, then call the company to verify.

In addition, be aware of another attack:  Redirected Web Traffic (Pharming).  It is the same concept, but this time “perps” take advantage of misspelled words and/or typing errors.

Here is an explanation (adapted from source: Thomson Course Technology):

Users often make mistakes typing Web addresses into a browser. Scam artists capitalize on this by anticipating some of the more common mistakes, including:

  • Misspelling the address (for example, typing www.corse.com instead of www.course.com)
  • Omitting the dot (for example, typing grocerycom instead of grocery.com)
  • Omitting a word (typing only grocery instead of grocery.com)
  • Using inappropriate punctuation (typing tool’s.com instead of tools.com)

Hackers can exploit a misaddressed Web name and steal information from unsuspecting users. They do this by registering similar-sounding domain names.  When users attempt to enter the legitimate website but enter the common misspelling or typo, they are instead taken to a website set up by the hacker to deceive them. This site can look almost identical to the genuine site, so users are easily tricked into entering personal information that is then stolen.

Redirecting Web traffic is not limited to malicious attackers. Several well-known Internet service providers (ISPs) automatically funnel misspelled addresses into their own Web sites that contain a search feature to help users find the sites they originally wanted.

I hope this helps!  Make sure you read the PDF!!!

Think Smart! - Think Security!

Scott

Leave a Reply