Phishing
If you receive spam e-mail (and most of us do) you have probably seen messages from an online bank or auction website requesting that you login in and verify your information and enter your credit card information or otherwise your account will be closed. This is called phishing. The e-mail directs you to bogus Web pages that will try to trick you into surrendering personal information. Some will often have the actual website in one window and their info-gathering webpage in a pop-up window. The pop-up window has the look and feel of an authentic page.

What happens after they get this information? Not what you might expect. Most would expect to see immediate purchases for high-priced items appear on their statement, but what is more common is to see small, sporadic withdrawals (from as little as 25 cents to five dollars). If undetected, the withdrawals will increase in frequency and amount.

Cyber criminals will use this “low and slow” method to avoid detection, deliberately stealing only small amounts of cash. Given time, this type of scam can skim millions of dollars from thousands of online banking accounts.

The Source of Spam
Now you know what to watch out for, but just who is sending out all of these messages? Well, in fact, you are.

“Come again?”

That’s right: you, or someone you know.

Has your computer been running a little slow lately? Crashing frequently? You’ve checked the hardware and everything says it’s okay. So what’s the problem? There is probably nothing physically wrong with it – it’s just having a little trouble sending out 50,000 e-mail messages using your e-mail account.

So here is another word for your ever-expanding Internet dictionary: “zombie”. That is what your PC has become if it has been hijacked by a hacker.

Whether the virus came via e-mail, website or downloaded program, your PC is now mindlessly helping its masters commit crimes online.

Zombie PCs are responsible for the bulk of spam e-mail, which makes up 94.5 percent of e-mail traffic. Postini®, provider of spam-filtering software, estimates nearly 40 percent of spam now comes from zombie networks.

Pharming
Pharming is the other scam in which hackers are involved. Much like phishing, users are secretly redirected from financial sites to the scammers’ fake ones, where they are asked to enter their personal information. But instead of users clicking on links in their e-mails leading to fake sites, pharming will actually intercept users on their way to a bank or credit-card firm website. Yeah, you might have clicked that e-mail link or opened an attachment you shouldn’t have. Hey, it’s a mistake; people do it all the time (I’ve done it more times than I’m willing to tell you here). But with pharming, you don’t get the luxury of regretting a simple mistake.

Pharmers attack either the large servers that find websites for users or the users’ computers themselves. When a user tries to go to his or her bank’s website, a virus program secretly redirects them to the pharmer’s fake site (you type in www.abc.com but instead end up at www.xyz.com). The fake sites then send the collected information back to the hackers, who use the information in other fraud and identity-theft scams. Since hackers are targeting only a small section of the Internet, the legitimate sites don’t notice the drop in Web traffic because it is just a fraction of the total.

These types of attacks have been used for years, but only recently have they been used for identity theft. While phishing e-mail scams one person at a time, pharming nets thousands of Internet users at a time.

Who is Doing It and Why?
The “why” is easy: money.

Hackers are usually categorized as young whiz-kids launching electronic attacks for fun and bragging rights, often creating a huge if transient nuisance for companies and computer users. Their attacks could be called cyber vandalism, however, when compared to the PCs that are now being taken over purely for profit.

Code-writers now create malicious programs mainly to amass networks of zombie PCs. They then sell access to zombie networks to spammers, blackmailers and identity thieves who orchestrate fraudulent for-profit schemes. Many of the scammers are associated with loosely-organized crime syndicates in Russia, Latvia, Kazakhstan and China.

While collecting personal information from bogus Web pages is a serious threat, the use of zombie PCs to broadcast spam for Viagra or quickie loans has emerged as a huge business.

Protect Yourself
Personal computers have never been more powerful – or dangerous. Just as millions of Americans are buying new PCs and signing up for ultra-fast Internet connections, cyber criminals are stepping up their schemes for taking control of their machines – and most users are slow to grasp that an intruder has gained control of their PC.

Companies and big organizations can reduce the threat by keeping their software updated and patched. They can also install firewalls, filter for known scams and watch for changes in Internet protocol addresses on their servers.

There are many ways for malicious code to slip past firewalls and anti-virus programs. E-mail viruses, for instance, rely on tricking the victim into opening an infectious attachment. Another widely-used tool is harder to fight: the direct planting of viruses, known as “come-and-get-it” viruses, on popular websites and peer-to-peer sites, where music and movies are exchanged.

The trick is to be careful with your e-mail. Update your virus definitions, use a firewall program and spyware-detection software. You don’t need to become a security expert, but if your computer is acting strangely it might be worth your time to thoroughly check out your computer, even if your virus-scans come back clean.

previous	next
Publications : Bar Bulletin: May, 2005