Pharming
Pharming is a scamming practice in which malicious code is installed on a personal computer or server, misdirecting users to fraudulent Web sites without their knowledge or consent. Pharming has been called “phishing without a lure.”
In phishing, the perpetrator sends out legitimate-looking e-mails, appearing to come from some of the Web’s most popular sites, in an effort to obtain personal and financial information from individual recipients. But in pharming, larger numbers of computer users can be victimized because it is not necessary to target individuals one by one and no conscious action is required on the part of the victim. In one form of pharming attack, code sent in an e-mail modifies the local hosts file on a personal computer. The hosts file maps the host names in URLs to the numeric IP addresses that the computer uses to access Web sites. A computer with a compromised hosts file will go to the fake Web site even if a user types in the correct Internet address or clicks on an affected bookmark entry. Some spyware removal programs can correct the corruption, but it frequently recurs unless the user changes browsing habits.
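The hosts-file tampering described above can be checked for directly. The following Python audit is an added example, not part of the original text; the watch list, domain names and sample file contents are constructed for illustration.

```python
import ipaddress

# Hypothetical watch list: sites whose names should never be pinned locally.
WATCHED = {"examplebank.test", "pay.example"}

def parse_hosts(text):
    """Yield (line_no, ip, [names]) for each valid entry in hosts-file text."""
    for line_no, raw in enumerate(text.splitlines(), start=1):
        entry = raw.split("#", 1)[0].split()   # drop comments, split on whitespace
        if len(entry) < 2:
            continue                            # blank, comment-only, or no host name
        try:
            ip = ipaddress.ip_address(entry[0].split("%", 1)[0])  # drop any IPv6 zone id
        except ValueError:
            continue                            # first field is not an IP address
        yield line_no, ip, [n.lower().rstrip(".") for n in entry[1:]]

def is_watched(name, watched):
    """True if name equals a watched domain or is a subdomain of one."""
    return any(name == d or name.endswith("." + d) for d in watched)

def audit_hosts(text, watched=WATCHED):
    """Return (line_no, name, ip, kind) for watched names the file overrides."""
    findings = []
    for line_no, ip, names in parse_hosts(text):
        for name in names:
            if is_watched(name, watched):
                # Loopback/unspecified entries block a site rather than redirect it.
                kind = "blocked" if (ip.is_loopback or ip.is_unspecified) else "redirected"
                findings.append((line_no, name, str(ip), kind))
    return findings

# Constructed sample input (documentation addresses, reserved test domains).
SAMPLE = """\
127.0.0.1   localhost
::1         localhost
# 203.0.113.9 examplebank.test   <- commented out, ignored
203.0.113.7 WWW.ExampleBank.test login.examplebank.test
198.51.100.4 notexamplebank.test
0.0.0.0     pay.example.
"""

if __name__ == "__main__":
    for finding in audit_hosts(SAMPLE):
        print(finding)
```

To audit a real machine, pass the contents of `/etc/hosts` (Unix-like systems) or `C:\Windows\System32\drivers\etc\hosts` (Windows) to `audit_hosts`. This check covers only the local hosts file; it cannot detect poisoning on a DNS server.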
A particularly ominous pharming tactic is known as domain name system (DNS) poisoning, in which the domain name system table in a server is modified so that someone who thinks they are accessing legitimate Web sites is actually directed toward fraudulent ones. In this method of pharming, individual personal computer hosts files need not be corrupted. Instead, the problem occurs in the DNS server, which handles thousands or millions of Internet users’ requests for URLs. Victims end up at the bogus site without any visible indicator of a discrepancy. Spyware removal programs cannot deal with this type of pharming because nothing need be technically wrong with the end users’ computers.
Once personal information such as a credit card number, bank account number, or password has been entered at a fraudulent Web site, criminals have the information and identity theft can be the end result.
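Pharming (Phishing Without a Lure)
Pharming is a covert practice in which malicious code is loaded onto a personal computer or server and misdirects users to fraudulent Web sites without their knowledge or consent. It has been called “phishing without a lure.”
In phishing, to obtain personal and financial information from individual recipients, the perpetrator sends seemingly legitimate e-mails that appear to come from one of the most popular Web sites. In pharming, because individuals are not targeted one by one and the victims do not suspect these actions at all, large numbers of computer users can be victimized. In one form of pharming, (malicious) code sent with an e-mail modifies the local hosts file on a personal computer. The hosts file converts URLs into the number strings that the computer uses to access Web sites. A computer with a modified hosts file will go to the fake Web site even if the user types in the correct Internet address or clicks on an affected bookmark entry. Some spyware removal programs can repair this damage, but it will recur frequently unless the user changes browsing habits.
A particularly vicious pharming tactic is called domain name system poisoning, in which the domain name system table in a server is modified so that people who believe they are accessing legitimate Web sites are actually directed to fake ones. In this kind of pharming, the hosts files of personal computers need not be modified. Instead, the problem lies in the domain name system server, which handles the URL requests of thousands upon thousands of Internet users. Victims end up at the fake site without sensing anything unusual. Spyware removal programs are powerless against this type of pharming because, technically speaking, nothing needs to be wrong with the end users’ computers.
Once information such as a credit card number, bank account number, or password has been entered at a fake Web site, the criminals have that information, and identity theft is the inevitable result.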