Latest (all topics)
Top stories
Daily round-up
Web site of the day
Gadget of the day
Video of the day
Innovations
Hardware
All-in-One printer
Apple Mac
Audio
Backup
Book
Broadband
Camcorder
CD drive
Desktop PC
Digital camera
DVD drive
Gaming
Graphics card
Hard disk
Input device
Laptop
LCD
Mobile phone
Modem
Monitor
Motherboard
Multimedia
Networking
PDA
Printer
Processor
Projector
Scanner
Server
Tuning
UPS
Video
Web camera
Whiteboard
Miscellaneous
Software
Apple Mac
Audio
Backup
Business
Developer
Educational
Game
Graphics
Internet
Linux
Networking
Operating System
PDA
Security
Server
Utilities
Miscellaneous
 
BIOS Podcast #10: Online Fraud
 
Online consumers are a very juicy target for cyber criminals using phishing and pharming to steal their identities and cash, so you need to be more careful than ever when you shop online.

Organised criminal gangs are targeting online consumers with ever more sophisticated blended phishing attacks, some of which even find out details of your interests and use them to generate phishing e-mails tailored to tempt you into giving away your identities.

In our day-to-day lives, both at home and at work, we are spending a great deal more of our time on our computers and on the Internet. This familiarity with technology can regrettably make people more susceptible, or worse yet - more gullible. Today consumers seem to trust technology more then they do individuals. This level of blind trust in technology, combined perhaps with our less cautious nature around the holidays, can provide a target-rich environment for cyber criminals.

Last holiday season, phishers were relying on fairly basic socially engineered e-mails (albeit with very poor grammar and spelling) enticing consumers to ‘click here’ on an embedded link within the e-mail directing the recipient to an illegitimate ‘copy cat’ Web site that looked identical to the real thing. Many Internet users were unknowingly divulging their most personal financial information: PINs, Credit Card Numbers, Social Security Numbers, Usernames and Passwords to cyber criminals.

As awareness has grown about phishing within the Internet community, the tactics used by phishers have evolved since the last holiday season to make it more difficult for the consumer to realise they are being duped. Automated URL obfuscation tools are more commonly being used now by phishers in their efforts to deceive would-be victims.

If phishing isn’t bad enough, this year, pharming will become an even bigger threat. Pharming is the technological evolution of phishing, and while it requires a more sophisticated and technically savvy cyber criminal, it is growing rapidly. Rather then a reliance on social engineering and simple browser tricks to steal your personal financial information, pharmers rely more upon their technical skills.

A skilful pharmer will take advantage of unpatched and vulnerable software using worms and viruses to compromise Internet DNS servers or host files on personal computers to transparently redirect consumers to illegitimate websites to their harvest personal financial information. Pharming eliminates any of the telltale signs that you have been directed to an illegitimate fake Web site.

Vincent Weafer from Symantec Security Response describes the various avenues used by attackers to commit online fraud.

To listen to the full Podcast [9:16 - 16.9MB MP3 file], please click here. For more Podcasts, go to biosmagazine.co.uk/podcasts. Enjoy!




 
BIOS, Mar 22, 06 | Print | Send | Comments (0) | Posted In Security
Related Articles

Defending In Depth
Cyber Security & Other Games
Second Life, Second Identity?
Don't Choke In The Name Of Security
A Baker's Dozen Of Security Bytes
Patching Up Security
Webroot Software Spy Sweeper 5.3
PC Tools Spyware Doctor 4.0
How Cybercrime Operations Work
ZoneLabs ZoneAlarm Internet Security Suite 7

More...
   
     
© 2007 Black Letter Publishing Ltd. - Disclaimer - Terms - About - Contact - Advertise - Newsletter

Hosted By Gradwell - Powered By Eclipse Internet - Sponsored By Ipswitch & Microboards DVD Duplicators