cybercrime - phishing and pharming

Author: Nyman Gibson Miralis

Subject: Cybercrime

Keywords: physhing, pharming, spam, malware, domain hijacking, Domain Name Server (DNS), ACORN

 

In an ever increasing globalised and digitalised world, the use and accessibility of the internet has put everyday people at constant risk of falling into the traps of cybercriminals.

From simply opening an email from a sender you do not recognise to being randomly redirected to seemingly authentic websites.

Below is some information to assist you in protecting your confidential information from cybercriminals who seek to ‘phish’ and ‘pharm’ for your details.

 

What is involved in the cybercrime of “phishing”?

Phishing involves the fraudulent practice of sending ‘spam’ emails that appear to be from well-known and reputable companies that are designed to induce individuals to divulge personal information, such as bank and credit card account details.

Phishing is a criminal offence.

 

What is the difference between pharming and phishing?

Whilst phishing and pharming may appear similar, there are subtle differences which you need to be aware of. Phishing relies on an internet user clicking on a spammed link to either:

  1. Infiltrate their computer with viruses or
  2. Obtain personal information through you voluntarily entering such information.

Pharming is different and much easier for a cybercriminal to gain access to your personal information. Through malware viruses that have been downloaded onto your computer, pharming will redirect a victim to a bogus website.

Even if you  type the correct web address of your financial institution or other online service into your web browser.

 

How do cybercriminals ‘phish’ for your details?

A phisher will entice the individual to a particular website through ‘bait’ in the form of a phony email, website address, or link. Cybercriminals will send millions of these fraudulent ‘spam’ emails to random e-mail addresses in the hope of luring innocent people to their particular website.

Each email will contain a message that will appear to come from a legitimate, well-known and trusted company. The emails will usually try to elicit an emotional response from an individual and urge that particular person to respond to a false crisis.

Once the link is clicked in the email, there is usually a redirection to the ‘phishers’ website. If the link is followed, viruses, such as Malware can infect your computer and capture your keyboard strokes which includes any typed information.

As cybercrime has grown and evolved, there is an even greater likelihood that simply clicking on an unrecognisable link will download a virus that has the potential to capture your confidential information.

Such information can vary from social networking and Apple ID login details to your banking information.

 

How do cybercriminals ‘pharm’ for your details?

Every website has an Internet Protocol (IP) address, and pharmers will exploit that host name in a number of ways in an attempt to gain a user’s personal information. Such tactics include:

  1. Slight misspelling of domain names: This will inadvertently trick users into using the pharmer’s website. For example a pharmer may direct from www.NGMbank.com.au by using the URL www.NGMbnk.com.au
  2. Malicious Software (Malware) – Viruses and Trojans which can intercept an internet users request to visit a particular site (in this case www.NGMbank.com.au) and redirect the user to the site the pharmer has established (www.NGMbnk.com.au)
  3. Domain Hijacking – where a hacker steals and redirects all internet web traffic from a legitimate website to the website the pharmer has established.
  4. Domain Name Server (DNS) Cache Poisoning – This is a type of attack that exploits vulnerabilities in the DNS system. The result is that internet traffic will be diverted from legitimate websites to fake ones. DNS poisoning is extremely dangerous because it can spread from server to server.

 

How prevalent are the cybercrimes of phishing and pharming?

The growth of fraudulent cybercriminal activity is on the rise. A recent study conducted by the Australasian Consumer Task Workforce found that of the respondents surveyed 98% reported having received at least one fraudulent invitation in the last 12 months preceding the survey.

The most common type of fraudulent invitation received was from:

  1. Computer support centre fraud (63%)
  2. Fraudulent lottery invitation (61%)
  3. Phishing schemes (55%)

Importantly, 77% of respondents who had received a fraudulent invitation reported they had received such an invite via email.

 

What to do if you have been the victim of a cyber-attack

It is important to remember that ‘phishers’ and ‘pharmers’ fraudulent scams can appear extremely convincing, hence why they are an effective method for cybercriminals to gain your personal information. If you believe you are the victim of an online fraud or scam you should report the incident to the Australian Cybercrime Online Reporting Network (ACORN).

If you notice an email from an unrecognisable sender, you should delete that particular email without opening it. Critically, do not respond to an email that asks you for your personal information.

If you have fallen victim to a cybercriminal attack and noticed irregularities in your bank account you should contact your financial institution immediately.

 

Nyman Gibson Miralis specialise in dealing with complex national and international cybercrime investigations. Our expertise includes dealing with malware, phishing and computer hacking offences, bootlegging and tripping, Bitcoin and crypto-currency fraud, as well as offences relating to identity theft, spreading computer viruses and DDoS attacks. If you require assistance, contact one of our expert criminal defence lawyers