Getting your passwords or information stolen can be a frustrating experience for any user of technology. You ask yourself "How? When? Why?". There are many ways this can happen, and many places where it can happen. MySpace is the first that comes to mind. Then you have Yahoo!, Hotmail, AOL, GMail, Facebook; the list goes on and on. I will go on to explain two of the most clever ways this is done and hopefully answer the questions you may be scratching your head about.

Phishing
One of the simplest yet most clever ways of stealing another user's password is for a malicious user to create a page that looks identical to the login page of a particular website. Take MySpace, for example: someone posts something they believe the other user will open, say a link to a website. When that user clicks and opens the website, it asks them to please log in again. However, the page that asks you to log in again can be a malicious fake login page created to steal whatever you input. You might say "Sure, but this looks exactly like the real login page!" And this is true. Malicious users have become very clever, and this is nothing new. This is what is called "Phishing" (fishing).

Phishing has been around for quite some time now, but how can you protect yourself against it? How will you be able to tell the difference between a fake login page and the real deal? I'll explain. Every single time a website comes up asking you to log in, you need to ALWAYS look at the top and read what the URL shows. For example, let's say you are on MySpace or AOL and you get a message from one of your friends (whose account has been broken into, so it is really someone else trying to break into other accounts) saying something like "Hey check out this site" or "Hey watch this really funny video I found" or something along those lines, and they give you a website to check out. Naturally you are going to think nothing is wrong because this came from somebody you know. So you open it and go to the website they gave you, and it asks you to log in again. What should you do? Read the URL. If you're on MySpace it needs to say "http://login.myspace.com", and if it does not say "login.myspace.com" then you are most definitely on a fake phishing page.
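The "read the URL" check can also be done mechanically. The sketch below is an added example, not code from the original post: it compares the hostname of a login URL against an allowlist and, going one step beyond an exact match, flags hostnames that are only a letter or two away from an expected one, such as "login.mypsace.com". The allowlist, the function names and the distance threshold of 2 are assumptions chosen for illustration.

```javascript
// Added example: compare the hostname of a login URL with the hosts you expect.
// EXPECTED_LOGIN_HOSTS is an illustrative allowlist built from names in the article.
const EXPECTED_LOGIN_HOSTS = ["login.myspace.com", "mail.yahoo.com", "hotmail.com", "gmail.com"];

// Optimal string alignment distance: like Levenshtein, but swapping two
// adjacent letters ("mypsace" for "myspace") costs 1 instead of 2.
function editDistance(a, b) {
  const d = Array.from({ length: a.length + 1 }, (_, i) => [i, ...Array(b.length).fill(0)]);
  for (let j = 0; j <= b.length; j++) d[0][j] = j;
  for (let i = 1; i <= a.length; i++) {
    for (let j = 1; j <= b.length; j++) {
      const cost = a[i - 1] === b[j - 1] ? 0 : 1;
      d[i][j] = Math.min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost);
      if (i > 1 && j > 1 && a[i - 1] === b[j - 2] && a[i - 2] === b[j - 1]) {
        d[i][j] = Math.min(d[i][j], d[i - 2][j - 2] + 1);
      }
    }
  }
  return d[a.length][b.length];
}

// Returns a verdict for the URL: "expected", "lookalike", "unknown" or "invalid".
function checkLoginUrl(rawUrl, expected = EXPECTED_LOGIN_HOSTS) {
  let host;
  try {
    // The URL parser lowercases the hostname; also drop a trailing dot.
    host = new URL(rawUrl).hostname.toLowerCase().replace(/\.$/, "");
  } catch {
    return { verdict: "invalid", host: null, resembles: null };
  }
  if (expected.includes(host)) return { verdict: "expected", host, resembles: host };
  for (const good of expected) {
    // Close to a real login host but not equal to it: treat as suspicious.
    if (editDistance(host, good) <= 2) return { verdict: "lookalike", host, resembles: good };
  }
  return { verdict: "unknown", host, resembles: null };
}

console.log(checkLoginUrl("http://login.myspace.com/index.cfm"));
console.log(checkLoginUrl("http://login.mypsace.com/index.cfm"));
```

A "lookalike" verdict means the name deserves a careful second reading; short legitimate names can also fall within two edits of an allowlisted host.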
Because the phishers can make everything identical to the real login page with the exception of the URL, the URL will probably show where they uploaded the page to, or, if they actually bought a domain, it will show that. Phishers have tried to take it a step further: they are actually registering domains that trick you into thinking the URL says "hotmail.com" or "login.myspace.com". A domain registered as, say, "login.mypsace.com" could easily be mistaken for the real thing because it happens to say "mypsace.com" rather than "myspace.com". Since they replace a couple of letters, you take a quick glance at it, don't even notice the two letters, and think you're really on myspace.com, when in reality you are on a fake login page that will capture whatever you input into that login screen. This is why you need to be extremely careful when reading what the URL says, making sure it says exactly "hotmail.com" or "login.myspace.com" or "GMail.com". If it does not, and you really think you are on a real login page, your password is going to be stolen and sent back to that person, where your information could be obtained and who knows what else.

Pharming

Phishing is a sneaky, clever, yet simple way of stealing someone's password, and many companies are now trying as hard as they can to crack down on it. But there is yet another danger that is hidden and not well known, called "Pharming". What is Pharming? Pharming is like Phishing: the fake login page will look the same as the real one and will steal your information, but with one exception... the URL will be authentic to the real website. This means you will not know the difference between this and a real login page, because the URL will not be any different and, if the malicious user who created it is experienced, chances are the source code will not be any different either. Then how can you possibly protect your account from something like this?
Well, it's much more difficult to detect, and Pharming isn't something that many users know much about. Think of a phishing page that is actually installed on your computer. This is quite different, in the sense that Phishing only occurs when you click on a link that leads to the fake login page. With Pharming, however, you could type in "yahoo.com" or "myspace.com" and it will bring you to a page that looks exactly, to a tee, like the real page, but it is in fact another fake login page, and if you log in you will be sending that information back to the user who created it.

So how can you even detect that you have been a victim of Pharming? Well, it all depends on how it is designed to react. You can consider Pharming a virus, and the only reason it will not be caught by your anti-virus is that, more often than not, it is a homemade virus. Homemade viruses and malware will not be caught by any type of security application... but I'll cover that in another article. For now we need to cover how to detect Pharming.

Pharming can be detected in a number of different ways. For example, say you open your browser and type in "mail.yahoo.com", which is the website for logging into your Yahoo! email account, and you see the login page load, right? Okay, no problems. Except that once it has finished loading, you will see it reload again. Many users, ranging from beginners all the way to experienced, will often not even notice this or pay any attention to it unless they know what Pharming is. Another way to tell if you have been infected with a Pharming page is if you go to a website, log in and hit submit like you always do, and after hitting "Submit" or "Login" or whatever it says, you see it load and then return to the login page again like nothing even happened.

We know what Pharming is, we now know how to detect it, and we know what it does. Now the only question that remains is how to avoid or rid yourself of anything on your computer that is causing "Pharming".
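The symptoms above are behavioural. One concrete check is sketched below as an added example, not code from the original post. It assumes the redirect is done through the local hosts file, a common pharming mechanism that the article does not name, and it flags any hosts-file entry that overrides a watched login domain. The watched list, the function names and the sample file are constructed for illustration.

```javascript
// Added example: audit hosts-file text for overrides of login domains.
// WATCHED and SAMPLE_HOSTS are constructed for illustration.
const WATCHED = ["myspace.com", "yahoo.com", "hotmail.com", "gmail.com", "aol.com", "facebook.com"];

const SAMPLE_HOSTS = `
# Constructed sample, not taken from a real machine
127.0.0.1       localhost
::1             localhost
203.0.113.45    login.myspace.com  # documentation-range address
203.0.113.45    mail.yahoo.com www.yahoo.com
0.0.0.0         ads.example.net
127.0.0.1       www.facebook.com
`;

// Loopback and unspecified addresses only block a name; they do not redirect it.
const LOCAL = /^(127\.|0\.0\.0\.0$|::1$|::$)/;

// Returns the watched domain that `name` equals or is a subdomain of, else null.
function watchedDomain(name) {
  const n = name.toLowerCase().replace(/\.$/, "");
  return WATCHED.find((d) => n === d || n.endsWith("." + d)) || null;
}

function auditHosts(text) {
  const findings = [];
  text.split(/\r?\n/).forEach((line, idx) => {
    // Strip comments, then split "address name [alias...]" on whitespace.
    const fields = line.replace(/#.*/, "").trim().split(/\s+/).filter(Boolean);
    if (fields.length < 2) return;
    const [address, ...names] = fields;
    for (const name of names) {
      if (!watchedDomain(name)) continue;
      // Any non-local address sends the browser to another server
      // while the address bar still shows the real name.
      const kind = LOCAL.test(address) ? "blocked" : "redirected";
      findings.push({ line: idx + 1, name, address, kind });
    }
  });
  return findings;
}

for (const f of auditHosts(SAMPLE_HOSTS)) {
  console.log(`line ${f.line}: ${f.name} -> ${f.address} (${f.kind})`);
}
```

On Windows the file to feed in is C:\Windows\System32\drivers\etc\hosts; on Linux and macOS it is /etc/hosts. A clean result only rules out this one mechanism.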
The best defense against Pharming is to not get infected to begin with. There is a good chance that you got infected by downloading something you shouldn't have. These things can range from an email attachment, to third-party software, to P2P applications, all the way to torrents. The simple fact is that you should never download email attachments from anyone you do not know, and if you do not know the person, don't even open the email... simply delete it. Even if it is from somebody you know, that person could have been infected with something or had their account broken into, and the message was sent to you so that your account can be broken into as well. Who knows how many others have received an email from a friend, relative or co-worker thinking it was legitimate, only to find out much later on (if at all) that it was not from who they thought it was, and that it was a ploy used only to break into their account for malicious purposes.

Ridding yourself of Pharming can be a very tedious process. If you believe you have been a victim of Pharming, the chances are great that you are using "Windows", and the chances are even greater that you are using an "Administrator" account. By default, when you use Windows you are automatically a system "Administrator" with Administrator privileges. Simply create another account in Windows by going to Start > Control Panel > User Accounts > Create a New Account (this varies with each version of Windows). When you create the new account, make sure you select it to be a "Limited" account and not an "Administrator" account. You are essentially creating a new Windows account which is "Limited", meaning the privileges are so limited that if you get infected with Pharming, or with 90% of any type of malware, it will not be able to function: the virus cannot operate correctly, so it will not be able to bring up a Pharming page. Now, a limited account is great for combating viruses and such, but it is very limited in the way you can use Windows.
So if you need to update anything or do anything that requires Administrator privileges, simply switch back to your old account, do what you need to do, and make sure you always "Log Off" of your Administrator account. And please, once again, ditch Internet Explorer and always use the latest version of "Mozilla Firefox" from mozilla.com.

Unless users are educated about Phishing and Pharming, anyone who wants access to an account is probably going to get it. And about 80% of the time a user has been Phished of their password, the real owner of the account does not know that this has taken place. I hope you are all educated enough now to be able to keep your accounts and information out of the hands of identity thieves, hackers, and online terrorism. If we don't in turn educate those who are victims or those who could be infected, then this will just continue to be a growing issue.