Most online fraud occurs as a result of phishing, a technique that mimics a genuine website such as that of a bank. It entices genuine account holders to part with sensitive information like account numbers or credit card details that are later used in fraudulent purchases.
Many phishers will create a site which looks like the real deal, but they will not own the domain name, for example xgate and so will rely on an IP address.
Pharming poses the same threat as phishing, however it is far more sophisticated in its approach, which means it is less noticeable to victims. Identity thieves attack computers that connect to network hardware using factory installed passwords.
The pharming attack redirects a user to fraudulent sites once they have visited a booby-trapped webpage. Pharming changes the Domain Name System (DNS) which is a system that computers use to translate a web address such as Xqate and then take the surfer directly to the specific computer that contains the website.
Instead of the DNS sending users to the legitimate banking sites, it directs them to an imitation site, where they will be asked to enter their login credentials before being informed that the site is currently down. The unsuspecting user is left in the dark to the fact that they have just passed their details to fraudsters.
The attack relies purely on a user not having changed the default password on a piece of hardware such as their modem provided to them by their Internet Provider. Up until now, the easiest way to change has been to either refer to the user guide or contact the Internet Provider. However, even though users can change their passwords, it is only a matter of time before another trap is set and banks and consumers alike are being defrauded of their money.