View Full Version : 'Pharmers' hit online bank users with fraud scam
ronjor
April 25th, 2005, 09:58 AM
-{ Quote: "It's the next Internet scam, and it could be the most menacing" }-
Story (http://www.usatoday.com/tech/news/computersecurity/infotheft/2005-04-22-pharming_x.htm)
Acadia
April 25th, 2005, 11:08 AM
That's why, a couple of months ago, I put all of my financial institutions into my Host file, so I never need to use a DNS server, for the financial institutions anyway.
Acadia
trickyricky
April 25th, 2005, 01:38 PM
They can carry out DNS poisoning, but how can they falsify the secure certificate that's needed for an SSL link? If a site is unsecured, using an http: URL instead of an https: one, it should be obvious that the web site isn't the correct bona-fide one.
Decent browsers, such as Firefox, even colour the entire address bar yellow when on a secure link, so we're not completely devoid of all hope.
Yet...
lupus
April 27th, 2005, 05:23 AM
I make sure to check out certificates and https and i use a knoppix live-cd when conducting banking/paying business on the internet, i don't know what more i can do, if they start messing with certificates it's game over for online banking and e-commerce.
Maybe a good idea as well would be to bookmark the IP adress instead of the http one for critical websites such as banks.
Also suppose one enters his personal info on a bogus site, there is absolutely no way they could display proper account information, there would be (if they are clever) some sort of "service unavailable" message that should arise suspicion.
Rmus
April 27th, 2005, 11:13 AM
-{ Quote: "That's why, a couple of months ago, I put all of my financial institutions into my Host file, so I never need to use a DNS server, for the financial institutions anyway." }-
Two other solutions:
1) Make a separate firewall rule for your Browser -HTTPS - Port 443 with a list of trusted addresses. Any attempt to go to another address via that port will bring up an Alert/Prompt
2) Before going to your banking or any other secure site where you do transactions, un-check your regular Browser rule. This will Alert/Prompt any outgoing attempt and you can check the IP address in the Alert box with your known one.
Recently, I had an interesting experience with this. See my thread at
http://www.wilderssecurity.com/showthread.php?p=442811
---
Rmus
vBulletin® Copyright ©2000-2012, Jelsoft Enterprises Ltd.
Copyright ©2002 - 2012, Wilders Security Forums