Pharming
Pharming is a scamming practice in which malicious code is installed on a personal computer or server, misdirecting users to fraudulent Web sites without their knowledge or consent. Pharming has been called “phishing without a lure.”
In phishing, the perpetrator sends out legitimate-looking e-mails, appearing to come from some of the Web’s most popular sites, in an effort to obtain personal and financial information from individual recipients. But in pharming, larger numbers of computer users can be victimized because it is not necessary to target individuals one by one and no conscious action is required on the part of the victim. In one form of pharming attack, code sent in an e-mail modifies the local hosts file on a personal computer. The hosts file converts host names in URLs into the number strings (IP addresses) that the computer uses to access Web sites. A computer with a compromised hosts file will go to the fake Web site even if the user types in the correct Internet address or clicks on an affected bookmark entry. Some spyware removal programs can correct the corruption, but it frequently recurs unless the user changes browsing habits.
A particularly ominous pharming tactic is known as domain name system poisoning, in which the domain name system table in a server is modified so that someone who thinks they are accessing legitimate Web sites is actually directed toward fraudulent ones. In this method of pharming, individual personal computer host files need not be corrupted. Instead, the problem occurs in the DNS server, which handles thousands or millions of Internet users’ requests for URLs. Victims end up at the bogus site without any visible indicator of a discrepancy. Spyware removal programs cannot deal with this type of pharming because nothing need be technically wrong with the end users’ computers.
Once personal information such as a credit card number, bank account number, or password has been entered at a fraudulent Web site, criminals have the information and identity theft can be the end result.
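As an added example (not part of the original article), the following Python script parses a hosts file and flags the kind of entry described above: an external domain pinned to an address outside the loopback and private ranges, which silently overrides DNS for that name. The sample hosts content, the domain `examplebank.com` and the address `203.0.113.45` are constructed placeholders.

```python
import ipaddress
from typing import Dict, List, Optional, Tuple

# Constructed hosts-file content for this demo (not taken from any real machine).
# The last line is the kind of entry a hosts-file pharming payload adds: an
# external bank domain pinned to an attacker-chosen address, bypassing DNS.
SAMPLE_HOSTS = """\
# standard entries
127.0.0.1       localhost
::1             localhost ip6-localhost
192.168.1.10    printer.lan        # LAN device
203.0.113.45    www.examplebank.com examplebank.com
"""

# Ranges a hosts file legitimately points names at: loopback, link-local, private LANs.
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "169.254.0.0/16", "::1/128", "fc00::/7", "fe80::/10")]


def parse_hosts(text: str) -> List[Tuple[str, str]]:
    """Return (ip, hostname) pairs, ignoring blank lines and '#' comments."""
    pairs = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        ip, *names = line.split()
        pairs.extend((ip, name.lower()) for name in names)
    return pairs


def find_suspicious(pairs, expected: Optional[Dict[str, str]] = None):
    """Flag entries that override DNS for a name by mapping it outside the local
    ranges, or that disagree with an optional allowlist of known-good name -> ip."""
    expected = expected or {}
    findings = []
    for ip, name in pairs:
        try:
            addr = ipaddress.ip_address(ip)
        except ValueError:
            findings.append((ip, name, "unparseable address"))
            continue
        if name in expected and expected[name] != ip:
            findings.append((ip, name, f"expected {expected[name]}"))
        elif not any(addr in net for net in LOCAL_NETS):
            findings.append((ip, name, "non-local address overrides DNS"))
    return findings
```

Running `find_suspicious(parse_hosts(SAMPLE_HOSTS))` reports both bank names on the last line; a periodic comparison of this output against a known-good baseline catches the recurring corruption the article mentions, though it cannot see server-side DNS poisoning.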
Pharming
Pharming is a covert practice in which malicious code is installed on a personal computer or server and, without the user's knowledge or consent, misdirects the user to fraudulent websites. It is called "phishing without a lure."
In phishing, in order to obtain personal and financial information from individual recipients, the perpetrator sends e-mails that appear legitimate, seemingly coming from one of the most popular websites. In pharming, by contrast, because it does not target individuals one by one and the victims have no reason at all to suspect these actions, large numbers of computer users can be victimized. One form of pharming is that (malicious) code sent with an e-mail modifies the local hosts file on a personal computer. The hosts file converts URLs into the numeric strings the computer uses to access websites. A computer with a modified hosts file goes to the counterfeit website even if the user typed the correct Internet address or clicked an affected bookmark entry. Some spyware removal programs can correct this damage, but unless the user changes browsing habits, it will still recur frequently.
A particularly vicious pharming tactic is called domain name system poisoning, in which the domain name system table on a server is modified, so that people who believe they are visiting legitimate websites are actually directed to counterfeit ones. In this kind of pharming, the hosts file on the personal computer need not be modified. Instead, the problem lies in the domain name system server that handles the URL requests of thousands upon thousands of Internet users. Victims end up at the fake site without sensing anything unusual. Spyware removal programs are powerless against this kind of pharming because, technically, nothing needs to be wrong with the end user's computer.
Once information such as a credit card number, bank account number, or password has been entered at a counterfeit website, criminals possess that information, and identity theft is the inevitable result.