Phishers move into pharming

By on

The next generation of phishing attacks will redirect users to bogus websites when they try to visit legitimate sites, email security firm MX Logic warned.

Dubbed "pharming" by MX Logic, the new attacks use malware or DNS cache poisoning to redirect users to fake sites in an attempt to steal personal data. Unlike phishing, they will not rely on end users clicking on a link in an email.

"Because there's no social engineering to it, even the most advanced user can get caught in this," stated Shaun Bryant, MX Logic director of threat management.

No one has put together all the necessary parts for a pharming scam but attackers likely will use a worm or bot networks to launch a large scale attack eventually, he said. Any operating system or browser is susceptible. Prevention could be some type of website authentication system similar to email authentication protocols.

Vincent Gullotto, vice-president of AVERT, McAfee's research division, agreed there was a threat. "Phishing may not sustain itself in the present guise," he said. "It may not look the same later in the year and this may be some variation."

Copyright © SC Magazine, US edition
Tags:

Most Read Articles

Log In

Username:
Password:
|  Forgot your password?