Pharming

Pharming is a scamming practice in which malicious code is installed on a personal computer or server, misdirecting users to fraudulent Web sites without their knowledge or consent. Pharming has been called “phishing without a lure.”

In phishing, the perpetrator sends out legitimate-looking e-mails, appearing to come from some of the Web’s most popular sites, in an effort to obtain personal and financial information from individual recipients. But in pharming, larger numbers of computer users can be victimized because it is not necessary to target individuals one by one and no conscious action is required on the part of the victim. In one form of pharming attack, code sent in an e-mail modifies local host files on a personal computer. The host files convert URLs into the number strings that the computer uses to access Web sites. A computer with a compromised host file will go to the fake Web site even if a user types in the correct Internet address or clicks on an affected bookmark entry. Some spyware removal programs can correct the corruption, but it frequently recurs unless the user changes browsing habits.

A particularly ominous pharming tactic is known as domain name system poisoning, in which the domain name system table in a server is modified so that someone who thinks they are accessing legitimate Web sites is actually directed toward fraudulent ones. In this method of pharming, individual personal computer host files need not be corrupted. Instead, the problem occurs in the DNS server, which handles thousands or millions of Internet users’ requests for URLs. Victims end up at the bogus site without any visible indicator of a discrepancy. Spyware removal programs cannot deal with this type of pharming because nothing need be technically wrong with the end users’ computers.

Once personal information such as a credit card number, bank account number, or password has been entered at a fraudulent Web site, criminals have the information and identity theft can be the end result.

無誘餌釣魚欺騙

無誘餌釣魚欺騙是一種詭秘的做法，其中惡意代碼裝入個人計算機或服務器，在不知不覺中或者未經(jīng)用戶同意將用戶錯誤地引向騙人的網(wǎng)站。它被叫做“無誘餌的釣魚”。

在釣魚式欺騙中，為了從收信個人那里獲得個人和財務信息，作惡者發(fā)送似乎是合法的電子郵件，看上去這是來自某個最流行的網(wǎng)站。而在無誘餌釣魚欺騙中，由于它不是一個一個地針對個人，受害方絲毫不會懷疑這些行為，所以會有大量的計算機用戶受害。其中一種無誘餌釣魚欺騙的形式就是，隨電子郵件發(fā)出的(惡意)代碼修改個人計算機上的本機主文件。該主文件將URL轉(zhuǎn)換成計算機訪問網(wǎng)站的數(shù)碼串。擁有修改過的主文件的計算機會去假冒的網(wǎng)站，即使用戶鍵入了正確的因特網(wǎng)地址或者點擊了受影響的書簽條目。有些消除間諜件的程序能糾正此種破壞，但除非用戶改變了瀏覽的習慣，否則它還是會頻繁發(fā)生。

一種特別惡毒的無誘餌釣魚欺騙手段叫做域名系統(tǒng)中毒，這時服務器中的域名系統(tǒng)表被修改了，這時那些認為自己在訪問合法網(wǎng)站的人實際上被引導到了假冒的網(wǎng)站。在這種無誘餌釣魚欺騙中，個人計算機的主文件不必被修改。相反，問題出在了處理成千上萬因特網(wǎng)用戶的URL請求的域名系統(tǒng)服務器上。受害者最終在感覺不到任何異樣的情況下上了假網(wǎng)站。消除間諜件程序?qū)Υ祟悷o誘餌釣魚欺騙是無能為力的，因為從技術上講不需要最終用戶的計算機出錯。

一旦諸如信用卡號、銀行賬號或口令等信息進入了假冒網(wǎng)站，罪犯就擁有了這些信息，身份失竊就是必然結果。