Is a new ID theft scam in the wings?

Is a new ID theft scam in the wings?

An e-mail security executive warns that a new method of ID theft he calls 'pharming' could crop up in the near future.

'Pharming is a next-generation phishing attack,' said Scott Chasin, CTO of MX Logic Inc. of Denver.

Phishing is a social-engineering attack, often using phony e-mails to lure victims to a spoofed Web site, where personal information can be harvested.

'Pharming is a malicious Web redirect,' in which a person trying to reach a legitimate commercial site is sent to the phony site without his knowledge.

'Phishing is throwing the bait out and hoping to get a bite,' Chasin said. 'Pharming is planting the seeds and not trusting to chance.'

Redirecting takes advantage of vulnerabilities in many Web browsers that allow phony URLs in the address bar, and of vulnerabilities in operating systems and Domain Name Service servers that let a third party point Web requests to new addresses.

'We don't have any hard evidence that pharming is happening yet,' Chasin said. 'What we do know is that all the ingredients to make it happen are in place.'

Worms exist that can infect PCs to redirect Web requests. On a larger scale, DNS poisoning could redirect large numbers of users to phony sites.

In November there were reports that users trying to access Amazon.com and Google.com were redirected to an online pharmacy site. There was no attempt to fool the user about the site arrived at, but the exploit appeared to be taking place at the DNS level.

Chasin said pharming exploits could further undermine confidence in online business already weakened by phishing, and recommended three areas in which it could be combated:

  • Additional security for the browser to prevent address spoofing and verify addresses.

  • Web site authentication protocols similar to e-mail authentication schemes, in which a site would publish its IP address so it could be verified by the browser.

  • Multifactor authentication for online financial accounts, making it more difficult for ID thieves to steal the information needed to hijack accounts.


'We're starting to see some movement in this, but it is slow,' Chasin said. 'We're not trying to hawk any of these solutions. But we live in the e-mail defense world, and pharming is a tremendous threat to our world.'

About the Author

William Jackson is freelance writer and the author of the CyberEye blog.

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above