Phishing and pharming dangers A MUST READ For the consumer, shopping online means speed, convenience and savings. For the retailer, the Internet offers a bigger audience and reduced infrastructure costs, which can be passed on to the consumer. Netizens between 18 and 25 years form the largest segment of window shoppers on the Net. They are mostly young professionals. The biggest worry is credit card misuse or the fear of allowing unauthorised access to bank accounts in case of debit cards. Being flooded with spam also worries an online member. “The most common fear among shoppers is that their financial information will be misused, which is not totally unjustified,” says Pavan Duggal, advocate, Supreme Court of India and cyber law expert. Let’s take a look at some of the frauds that can happen online. Phishing is the type of online attack, whereby scammers copy the ‘look and feel’ of a reputed establishment’s website as accurately as possible, building a replica site as a bait to reel in the targeted company’s customers. One has to recognise this con job. Little details may be changed — like the missing ‘i’ in http://www.citbank.com shown on your address bar. A more sophisticated version involves redirecting victims through a masked address with some cleverly concealed coding to redirect traffic from a genuine link. For example, one might use http://www.citibank.com, which is the genuine Citibank site. But the information can be actually redirected to another site by using the ‘mask’. For example, http://www.citibank.com/track/ dyredir.jsp?rDirl= http://300.651.250.10/ will redirect you to an entirely different site, which looks exactly the same as the original. In such cases, the name displayed on your address bar is indeed genuine, and you’d have to explore the entire link to realise that it’s a fraud. How often will you take this trouble? Internet users who are unaware of phishing often just follow the instructions they see onscreen, and get into a serious financial mess. Other than this, there are innumerable cases of bogus online charities. The modus operandi is almost the same — just click on the link provided to make an online donation that will never reach the orphaned kid or tsunami victim it was intended for. You, on the other hand, have not only given the frauds money, but have also offered your credit card details. An even more sophisticated and difficult-to-detect online fraud is pharming, which involves hijacking the targeted site altogether. In a typical case of pharming, either the victim’s system or the DNS server may be compromised to redirect traffic to a malicious site. Through ‘DNS poisoning’ or ‘URL hijacking’ even correctly entered URLs can be diverted to a malicious site somewhere else in an attempt to extract sensitive personal data. Read the entie article here, http://www.affiliateshowcase.com/forum/forum.asp?FORUM_ID=27