April 26, 2024

SamTech 365


Phishing, Pharming, Vishing

The arrival of the Internet and the wide interconnection of networks led attackers to think of wider, massive attacks that can reach more users and systems and cause bigger damage. In certain situations, attackers have no idea which machines they are targeting and simply try to hit the maximum number of computers, making sure the malicious code reaches more and more machines. A good example of this is the Morris worm, which was the first widely recognised massive attack. Different kinds of attacks exist nowadays, such as viruses, spam, phishing, DoS or DDoS, etc.

If we think about phishing in a context other than computing, the first image that comes to mind is fishing with a hook. This has been applied to computer systems, where the attackers (also called phishers) try to illegally collect a set of critical data (passwords, credit card numbers, encryption keys, etc.). Nowadays, most communications are done through emails. Attackers first try to get an email address that can be trusted by most users. (I personally got a couple of emails from addresses such as MicrosoftActivation@gmail.com, ClaimYourPrize@hotmail.com and Winning5478@yahoo.com.) Those could pass without doubt for some unwary users. Generally the emails contain links pointing to a fraudulent web site that has been designed to look exactly like the original one, and ask the user to populate different fields and submit a form; the fields may contain critical data, which is sent to the attacker when the form is submitted (Jakobsson & Myers, 2006). One of the biggest attacks I read about a couple of years ago took place here in Scotland; the target was the Bank of Scotland, or more precisely the bank's customers.

Customers received an email asking them to urgently change their credit card PIN numbers through the bank portal. A new web site had been developed, www.bankofscotIand.com, which looked similar to the original one, www.bankofscotland.com (you can see that in the first the lowercase L is replaced by a capital i). The email was sent randomly to different people; the list was extracted from another source, a governmental system, and contained people who had a bank account with the Bank of Scotland or another bank (e.g. Lloyds). Hundreds of customers submitted their credit card details (number, expiry date and CVV) to the attackers.
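The look-alike domain in the Bank of Scotland lure above can be caught mechanically by folding confusable glyphs together before comparing a domain against an allow-list. The following Python is an added example written for this page, not code from the original post; the confusable table and the trusted-domain list are constructed for illustration, and the classifier also catches typosquats and embedded brand names, which goes beyond the single I/l case in the text.

```python
# Classify a candidate domain (for example one extracted from an e-mail link)
# against an allow-list of trusted domains, folding look-alike glyphs together
# so that bankofscotIand.com (capital I) maps to bankofscotland.com.

# Multi-character confusables are folded first, then single glyphs.
# Both tables are constructed for this example and are not exhaustive.
MULTI_CONFUSABLES = [("rn", "m"), ("vv", "w")]
SINGLE_CONFUSABLES = {
    "I": "l", "1": "l", "|": "l",   # capital I, digit 1 and pipe look like lowercase L
    "0": "o", "O": "o",
    "5": "s", "$": "s",
    "3": "e",
    "\u0430": "a", "\u043e": "o", "\u0441": "c", "\u0435": "e",  # Cyrillic a, o, c, e
}

TRUSTED_DOMAINS = ["bankofscotland.com", "lloydsbank.com"]  # constructed allow-list


def skeleton(domain: str) -> str:
    """Canonical form of a domain with confusable glyphs folded together.
    Lower-casing happens last: doing it first would turn the capital I into
    an i and hide the I/l substitution the Bank of Scotland lure relied on."""
    d = domain.strip()
    for seq, repl in MULTI_CONFUSABLES:
        d = d.replace(seq, repl)
    d = "".join(SINGLE_CONFUSABLES.get(ch, ch) for ch in d)
    return d.lower()


def levenshtein(a: str, b: str) -> int:
    """Edit distance, used to catch typosquats that no glyph table covers."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify(domain: str, trusted=TRUSTED_DOMAINS) -> str:
    """Return 'trusted', 'homoglyph', 'typosquat', 'embedded' or 'unknown'."""
    cand = domain.strip().lower()
    if cand in trusted:
        return "trusted"
    sk = skeleton(domain)
    if any(sk == skeleton(t) for t in trusted):
        return "homoglyph"   # same glyph skeleton, different characters
    if any(levenshtein(sk, skeleton(t)) <= 2 for t in trusted):
        return "typosquat"   # one or two characters dropped, added or swapped
    if any(t.split(".")[0] in sk for t in trusted):
        return "embedded"    # brand name buried in an unrelated domain
    return "unknown"
```

Run `classify("bankofscotIand.com")` to see the lure's domain reported as a homoglyph of the real bank domain.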

The pharming attack is a bit similar to phishing; the same goal and motivations lie behind it, as attackers aim to get information or critical data. However, instead of using emails, attackers try to redirect the victims' traffic to another host, which then retrieves the targeted data; this is done either by changing the hosts file or by exploiting DNS vulnerabilities (Jakobsson & Myers, 2006). Vishing, however, targets another area, which is voice: vishing is a combination of Voice and Phishing, and it uses social engineering to access confidential data over telephone systems. It can be achieved by identity spoofing, among other means.

Any typical phishing attack includes three key components: the lure (e.g. the email), the hook (e.g. the web site that looks exactly like the target) and the catch (the use of the collected data) (James, 2005).

Protection from phishing can be achieved firstly by warning users and making sure that they verify whom they are dealing with before submitting any information (through a web site or over the phone), and also, as mentioned in the previous week, by using certificate authorities that check that an organisation is who it claims to be. However, these measures do not guarantee security. Web browsers also provide a tool for security and certificate checks, where users can get the details of certificates and review them.

References

- Markus Jakobsson, Steven Myers (2006). Phishing and Countermeasures: Understanding the Increasing Problem of Electronic Identity Theft. John Wiley & Sons, 2006. ISBN: 0470086092.

- Rachael Lininger, Russell Dean Vines (2005). Phishing: Cutting the Identity Theft Line. John Wiley & Sons, 2005. ISBN: 9780764599224.

- Lance James (2005). Phishing Exposed. Syngress, 2005. ISBN: 0080489532.
