Fortinet Offers Tips Against 'Pharming'

by CXOtoday Staff    Jun 09, 2005

Fortinet, provider of ASIC-accelerated, network-based anti-virus firewall systems for real-time network protection has said that is FortiGate systems, which are security appliances that provide integrated security applications, help defeat the growing threat of a new form of malicious electronic crime called - Pharming.

Pharming is a highly sophisticated extension of the online confidence scam ‘Phishing’ and is best confined through a ‘blended network security response’ that eliminates threats including DNS poisoning, Trojan horse programs and key-logging spyware.

During 2004, Gartner publicly reported that related crimes such as Phishing, whereby criminals use misleading e-mail and websites to dupe individuals into sharing personal data like passwords, accounted for a staggering $2.4 billion in fraud, or an average of $1,200 per victim, during the last 12 months.

Unlike Phishing, Pharming attacks hide silently in a network-connected computer and ‘harvest’ personal financial details of the users’ regular Web surfing activities. Users requesting a bona fide Website are unknowingly sent to a fake Website that mirrors a legitimate site.

Once the pharming scheme is planted, malicious activitiy can be launched against a wide number of sites that the user may visit on a regular basis totally unknown to that user. Pharming attacks are carried out using sophisticated blended attacks against DNS servers, typically involving DNS cache poisoning.

The 5 Ways To Spot A Pharming website is as follows:

1) The login process, verification or information displayed will not look precisely the same as the legitimate site.

2) Pharming sites will most likely ask for additional verification or personal information that is not normally required.

3) Legitimate websites requesting confidential information will always encrypt the session with Secure Sockets Layer (SSL). Look for the ‘padlock’ icon on your browser and double click on the padlock to verify the SSL certificate.

4) On a safe site, the browser URL should contain the prefix https:// in the address bar. Pharmed sites do not normally have SSL certificates and will remain as http:// even when you are requested to submit confidential data

5) Spoofed SSL certificates should cause your browser to display a security alert message. Rather than ignore it, users should take the opportunity to check the certificate and take this as an obvious sign of a fraudulent website.

Tags: pharming