{"id":36,"date":"2005-10-07T07:16:36","date_gmt":"2005-10-07T07:16:36","guid":{"rendered":"\/?p=36"},"modified":"-0001-11-30T00:00:00","modified_gmt":"-0001-11-30T04:00:00","slug":"new-pharming-implements","status":"publish","type":"post","link":"https:\/\/www.identityblog.com\/?p=36","title":{"rendered":"New pharming implements"},"content":{"rendered":"

As the following article<\/a> by Ben Charney from eWeek<\/a> shows, toolbars can make excellent pharming implements. I predicted this in one of my early blog postings, and of course it had to come true. Please note that I'm not hitting on Google – I'm pointing out a problem much broader than any one company or technology.<\/p>\n

\n

An Internet security specialist says a new threat forces computers to install faked Google software, which then goes phishing. <\/p>\n<\/blockquote>\n

\n

Phishing is where e-mails, IM (instant messages) or Web sites parody a legitimate company, and try to get users to provide personal information or financial account numbers and passwords. <\/p>\n<\/blockquote>\n

I actually see this as pharming as much as phishing, since the toolbar resides on your PC and continues to harvest information. But hey! Maybe it does both at once!<\/p>\n

\n

The latest cases involve bogus Google software spread via IM, and appear to be a variety of the infamous CoolWebSearch phishing scheme, according to Foster City-Calif.-based FaceTime Security Labs. CoolWebSearch has never been spread via IM before. <\/p>\n

In the recent cases, IM users unwittingly download a rogue tool bar, which is installed on a Web browser and provides easier access to an Internet search provider. <\/p>\n

Tool bars also contain measures to block pop-up advertisements. <\/p>\n

The only working feature on the fake Google Toolbar saves credit card details, according to Christopher Boyd, the security research manager of Foster City, Calif.-based FaceTime Security Labs. A bevy of others, including one to “enable pornographic ads,” do not work. <\/p>\n

IM is increasingly a target of phishers, as the latest attacks show. <\/p>\n

Some IM-related attempts date back to 2003. <\/p>\n

Most recently, in early March, Yahoo Inc. confirmed that some of its Yahoo Messenger customers received a message that appears to be coming from a buddy-list contact. <\/p>\n

Users can be lulled into directing a Web browser to a Yahoo Web page requesting log-in information for Yahoo accounts, according to an analysis by Akonix Systems Inc. <\/p>\n

The cases in point appear similar to a rather infamous method of hijacking Web browsers known as CoolWebSearch, Boyd adds. <\/p>\n

Instant messaging is increasingly a target of phishers, as the latest attacks show. <\/p>\n

Some IM-related attempts date back to 2003. Most recently, in early March, Yahoo Inc. confirmed, came under attack through Yahoo Messenger, its IM service. <\/p>\n

In the attack, users receive an IM message that often appears to be coming from a buddy-list contact. <\/p>\n

The IM attempts to lull users into clicking on a URL, which then takes them to a spoofed Yahoo page requesting login information for their Yahoo accounts, according to an analysis by Akonix Systems Inc. <\/p>\n<\/blockquote>\n

Let's work on holistic solutions that protect against these attacks and leverage progress made in one application across all others. As I told Mary Branscombe of the Guardian, <\/p>\n

\n

Improving site security with a better password system, or a toolbar that checks you are at the right site, can't fix a general security problem. “There are excellent people working on these things, but they can't counter current threats without changing the way computers behave in a distributed fashion,” Cameron says. “We need to work together.”<\/p>\n

[tags: Identity Theft<\/a>, Pharming<\/a>, Yahoo<\/a>, Toolbar<\/a>] <\/a><\/font><\/p>\n

\n<\/blockquote>\n","protected":false},"excerpt":{"rendered":"

As the following article by Ben Charney from eWeek shows, toolbars can make excellent pharming implements. I predicted this in one of my early blog postings, and of course it had to come true. Please note that I'm not hitting on Google – I'm pointing out a problem much broader than any one company or … Continue reading New pharming implements<\/span><\/a><\/p>\n","protected":false},"author":68,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[2],"tags":[],"_links":{"self":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/posts\/36"}],"collection":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/users\/68"}],"replies":[{"embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=36"}],"version-history":[{"count":0,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/posts\/36\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=36"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=36"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=36"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}