Phishing and Pharming

Phishing
Phishing is the digital representation of social engineering tactics. The ploy involves tricking Internet users into providing confidential information, believing that the website requesting the information is legitimate. In fact, these Phishing sites are cleverly designed forgeries. The sophistication of these attacks continues to increase and the line between malware and phishing is blurring.

One of the largest criminal platforms for phishing and spam has been labelled by anti-virus software companies as “Avalanche.” It is believed that Avalanche is operated by a group of miscreants who run their criminal enterprise like any legitimate software company. Avalanche uses a technology that is specifically known in the security community as a “fast flux botnet.” The botnet is large and composed of geographically diverse “zombies” (infected computers). The botnet also possesses powerful functionality (known as “fast flux”) that allows phishing websites to avoid takedown efforts for much longer by constantly migrating the website’s address to a different zombie in the botnet. The Avalanche owners generate revenue by leasing their expansive botnet platform to criminal customers for a wide array of wickedness. The flexibility of this particular botnet ensures owner attribution efforts are especially difficult.
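The constant address migration described above leaves a trace in DNS data that a defender can measure: one name resolving to many addresses on unrelated networks, usually with short TTLs. The Python below is an added example, not part of the original article; the observations are constructed, and the thresholds and the use of /16 prefixes to approximate "different network" are assumptions.

```python
import ipaddress
from collections import defaultdict
from statistics import median

# Constructed passive-DNS observations: (minute seen, domain, A record, TTL seconds).
# Names use the reserved .example TLD; addresses are documentation/private ranges.
OBSERVATIONS = [
    (0, "login-bank.example", "192.0.2.10", 120),
    (5, "login-bank.example", "198.51.100.77", 120),
    (10, "login-bank.example", "203.0.113.5", 180),
    (15, "login-bank.example", "10.44.1.9", 120),
    (20, "login-bank.example", "172.16.8.30", 150),
    (0, "shop.example", "192.0.2.50", 3600),
    (10, "shop.example", "192.0.2.50", 3600),
    (20, "shop.example", "192.0.2.51", 3600),
]

# Thresholds are illustrative assumptions; tune them against your own resolver logs.
MIN_DISTINCT_IPS = 4
MIN_DISTINCT_NETS = 3
MAX_MEDIAN_TTL = 300


def summarize(observations):
    """Group observations per domain and compute the fast-flux indicators."""
    by_domain = defaultdict(list)
    for _minute, domain, ip, ttl in observations:
        by_domain[domain.lower().rstrip(".")].append((ip, ttl))
    summary = {}
    for domain, rows in by_domain.items():
        ips = {ip for ip, _ in rows}
        # /16 prefix as a rough stand-in for "different network or location".
        nets = {ipaddress.ip_network(f"{ip}/16", strict=False) for ip in ips}
        summary[domain] = {
            "distinct_ips": len(ips),
            "distinct_nets": len(nets),
            "median_ttl": median(ttl for _, ttl in rows),
        }
    return summary


def flag_fast_flux(observations):
    """Return domains whose answers rotate across many networks with short TTLs."""
    return sorted(
        d for d, s in summarize(observations).items()
        if s["distinct_ips"] >= MIN_DISTINCT_IPS
        and s["distinct_nets"] >= MIN_DISTINCT_NETS
        and s["median_ttl"] <= MAX_MEDIAN_TTL
    )
```

Legitimate content delivery networks can also return many addresses with short TTLs, so a flagged name is a lead for review rather than a verdict.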

Phishing has given birth to Pharming and Smishing, two practices explained in more detail below:

Pharming typically involves changing the internal settings on a victim’s computer, thereby bypassing the victim’s legitimate address query functionality. For example, a victim may open a web browser and request hsbc.com. The website loads and, while the page appears to be hsbc.com, it is in fact a Phishing site. The user is seamlessly delivered to a spurious website because the victim computer’s internal settings were changed to redirect specific website requests to malicious websites that appear legitimate.

Smishing is Phishing across mobile phones. Smishing involves spamming SMS messages (mobile phone text messages) to a large pool of mobile phone numbers with a social engineering message and a corresponding website link to visit. Fortunately, consumers appear to be much more wary of unknown mobile phone message senders than of unknown e-mail senders. If mobile phone identity becomes a future challenge, then Smishing will become more interesting to criminals.