close print view
Social Engineering: Phishing/Pharming
Social Engineering also known as hacking humans is a technique used by hackers that rely on weaknesses in humans rather than the internet/software/hardware. The idea is to trick a company's employee into revealing passwords or critical information that may be used to compromise security.
Many organizations have reported cases involving visitors impersonating a telephone repair or network technician requesting access to a wiring closet or posing as a new employee at the help desk and asking critical information or asking to use your computer. Other techniques include posing as regular employee and mentioning that they lost their ID card or keys and gain access to the company and collect information bit by bit.
Social engineering is an easy technique by which hackers gain access despite having expensive and powerful security systems.
Social Engineering Technique: Phishing
Phishing is a criminal activity using different variations of social engineering techniques. Phishers attempt to fraudulently acquire sensitive information, such as passwords and credit card details, by posturing as a trustworthy person or business in an electronic communication. Phishing is typically carried out using email or an instant message, although phone contact has been used as well. Attempts to deal with the growing number of reported phishing incidents include legislation, user training, and technical measures.
It is very common, that people have the same password for all their internet activity/accounts for ease of remembering. Hackers may send you an email with link to a sweepstakes website or similar website which require registration and asking to create a username and password. So always create unique passwords for your work accounts different from your other outside personal accounts and keep changing it often.
A very good discussion on phishing is available here: http://www.webopedia.com/TERM/p/phishing.html
Damages From Phishing Attacks
The damage caused by phishing ranges from loss of access to email to substantial financial loss. This style of identity theft is becoming more popular, because of the ease with which unsuspecting people often divulge personal information to phishers, including credit card numbers, social security numbers, and mothers' maiden names. There are also fears that identity thieves can obtain some such information simply by accessing public records.
Once this information is acquired, the phishers may use a person's details to create fake accounts in a victim's name, ruin a victim's credit, or even prevent victims from accessing their own accounts.
There are several different techniques to combat phishing, including legislation and technology created specifically to protect against phishing.
Social Engineering Technique: Pharming
Pharming is a hacker's attack aiming to redirect a website's traffic to another (bogus) website. Pharming can be conducted either by changing the hosts file on a victim's computer or by exploitation of a vulnerability in DNS server software. DNS servers are computers responsible for resolving Internet names into their real addresses - they are the "signposts" of the Internet. The term pharming is a word play on farming and phishing. The term phishing refers to social engineering attacks to obtain access credentials such as user names and passwords. In recent years both pharming and phishing have been used to steal identity information. Pharming has become of major concern to businesses hosting ecommerce and online banking websites. Sophisticated measures known as anti-pharming are required to protect against this serious threat. Antivirus software and spyware removal software cannot protect against pharming. Pharming is becoming the attack of choice for today's hackers.
While malicious domain name resolution can result from compromises in the large numbers of trusted nodes that participate in a name lookup, the most vulnerable points of compromise are near the leaves of the internet. For instance, incorrect entries in a desktop computer's Hosts file, which circumvents name lookup with its own local name to IP address mapping, is a popular target for malware. Once rewritten, a legitimate request for a sensitive website can direct the user to fraudulent copy. Desktops are often better targets for pharming because they receive poorer administration than most internet servers.
More worrisome than host file attacks is the compromise of a local network router. Since most routers specify a trusted DNS to clients as they join the network, misinformation here will spoil lookups for the entire LAN. Unlike host file rewrites, local router router compromise is difficult to detect. routers can pass bad DNS information in two ways: malconfiguration of existing settings or wholesale rewrite of embedded software (aka firmware). Nearly every router allows its administrator to specify a particular trusted DNS in place of the one suggested by an upstream node (e.g., the ISP). An attacker could specify a DNS server under his control instead of a legitmate one. All subsequent resolutions will go through the bad server.
Protecting Against Pharming
The good news: pharming requires a lot more technical sophistication for the bad guys to pull off.
The bad news: There really isn't any protection available against pharming just yet.
If you suspect you have encountered pharming of a site, a simple windows hack will help tell.
Once the command prompt opens
If the domain name that comes up looks correct, then you are probably OK. For technologically less savvy users, it may be beneficial to instead hand over the task of detecting an attack to somebody else; a recent proposal referred to as active cookies offers pharming detection in some instances.
Copyright © 2001-2014 State of Michigan