Threat #3: Spoofing, Phishing And Pharming

Threat #3: Spoofing, Phishing And Pharming

• Spoofing is an attack in which a person or program masquerades as another.
• A common tactic is to spoof a URL or website (see phishing).
• Phishing (pronounced “fishing”) is a common form of spoofing in which a phony web page is produced that looks just like a legitimate web page.
• The phony page is on a server under the control of the attacker.
• Criminals try to trick users into thinking that they are connected to a trusted site, and then harvest user names, passwords, credit card details and other sensitive information.
• eBay, PayPal and online banks are common targets.
• Phishing is typically carried out by email or instant messaging.
• The email message claims to be from a legitimate source but when the user clicks on the link provided, he or she lands on the fake web page.
• Pharming (pronounced “farming”) is an attack in which a hacker attempts to redirect a website's traffic to another, bogus website.
• Pharming can be conducted either by changing the hosts file on a victim’s computer or by exploitation of a vulnerability in DNS server software.
• DNS servers are computers responsible for resolving Internet names into their real IP addresses — the servers are the “signposts” of the Internet.
• Danger level: High
• Prevalence: Extremely High

Spoofing, Phishing, Pharming – Cont’d

Worst case damage:

• Once personal information is acquired, spoofers, phishers or pharmers may use a person’s details to make transactions or create fake accounts in a victim’s name.
• They can ruin the victims’ credit rating or even deny the victims access to their own accounts.

Most Common Computer Security Threats (Spyware)

THREAT #4: SPYWARE

• Spyware is software that is secretly installed on a computer without the user’s consent. It monitors user activity or interferes with user control over a personal computer.


Download 1,39 Mb.

Do'stlaringiz bilan baham: