Phishing & Pharming

Definition

Phishing is any attempt—via phone, email, instant messaging (IM), or fax—to procure personally identifiable information with the intent of identity theft, intellectual-property theft, and—ultimately—financial theft. Most of these attempts are made in the guise of a legitimate purpose; in other words, they appear to be valid, but are in fact the actions of a criminal enterprise. A typical electronic phishing attack comprises two components: an authentic-looking email and a fraudulent web page. This makes phishing a particularly insidious and damaging activity, because its perpetrators are adept at appealing to a victim’s sense of legitimacy. HTML-based emails often include company logos, colors, graphics, font styles, and other elements, and cover topics such as account problems, account verifications, security upgrades, and new product or service offerings. Web links included in these emails almost always possess the look and feel of the legitimate sites they copy, making the fraud almost impossible to detect by eye.

Pharming is similar to phishing. Instead of directly soliciting personal or corporate information, however, pharming hijacks legitimate URLs—such as “www.mypayroll.com”—and redirects them, by tampering with DNS resolution, to fraudulent IP addresses that host spoofed copies of the original sites. These spoofed sites then collect protected information through a look-alike web interface without the user ever noticing the difference. Because pharming requires a much higher degree of technical skill to perform—and because DNS is very difficult to manipulate—it is far less common than phishing. However, it is still possible that pharming will become an increasing threat in the near future.

How to protect your network, servers, PCs, and mobile devices from phishing and pharming

  • Implement a comprehensive anti-phishing and anti-pharming solution, comprising protection at all possible entry points—including the Internet gateway, messaging gateway, endpoint clients, endpoint servers, and the network. Trend Micro offers a variety of anti-phishing and anti-pharming products and solutions to suit various enterprise needs.
  • Keep all browser, email, and IM security patches up to date.
  • Educate employees about the latest threats, symptoms of infection, and how to protect servers, PCs, and mobile devices:
      • Be skeptical. Do not rely on personal discernment to distinguish between legitimate and unlawful requests for confidential information. Phishers and pharmers are sophisticated criminals who are well versed in defrauding even the most savvy end users.
      • Never surrender personal or confidential information to an unfamiliar or unknown individual or business.
      • Delete any email that requests confidential information. If the request appears legitimate, use an established phone number to verify it.
      • Do not disable enterprise antivirus, anti-phishing, firewall, or other security protection.
      • Seek IT counsel and support if you receive any communication (via email, phone, fax, or instant message) that requests corporate or personal information.

What may happen if you don't adequately protect your technology assets from phishing and pharming

  • Intellectual property theft—with potentially devastating financial results.
  • Compromised (sometimes irrevocably) market position.
  • Damaged corporate credit and reputation.
  • Exposure of personnel to identity theft—leading to significant loss in employee productivity as staff works (during business hours) to recover from the damage.