Skip to main content

Don't Let Identity Thieves Have A Happy Christmas

Most online fraud occurs as a result of phishing, a technique that mimics a genuine website such as that of a bank. It entices genuine account holders to part with sensitive information like account numbers or credit card details that are later used in fraudulent purchases.

Many phishers will create a site which looks like the real deal, but they will not own the domain name, for example xgate and so will rely on an IP address.

Pharming poses the same threat as phishing, however it is far more sophisticated in its approach, which means it is less noticeable to victims. Identity thieves attack computers that connect to network hardware using factory installed passwords.

The pharming attack redirects a user to fraudulent sites once they have visited a booby-trapped webpage. Pharming changes the Domain Name System (DNS) which is a system that computers use to translate a web address such as Xqate and then take the surfer directly to the specific computer that contains the website.

Instead of the DNS sending users to the legitimate banking sites, it directs them to an imitation site, where they will be asked to enter their login credentials before being informed that the site is currently down. The unsuspecting user is left in the dark to the fact that they have just passed their details to fraudsters.

The attack relies purely on a user not having changed the default password on a piece of hardware such as their modem provided to them by their Internet Provider. Up until now, the easiest way to change has been to either refer to the user guide or contact the Internet Provider. However, even though users can change their passwords, it is only a matter of time before another trap is set and banks and consumers alike are being defrauded of their money.

Désiré Athow
Contributor

Désiré has been musing and writing about technology during a career spanning four decades. He dabbled in website building and web hosting when DHTML and frames were en vogue and started writing about the impact of technology on society just before the start of the Y2K hysteria at the turn of the last millennium. Following an eight-year stint at ITProPortal.com where he discovered the joys of global tech-fests, Désiré now heads up TechRadar Pro. Previously he was a freelance technology journalist at Incisive Media, Breakthrough Publishing and Vnunet, and Business Magazine. He also launched and hosted the first Tech Radio Show on Radio Plus.