I was surfing on YouTube the other day and found this hilarious video mash-up of Taylor Swift’s song “Shake It Off” and an 80s aerobics video. For a lot of kids today, mash-ups are all the rage—whether it’s combining two videos, two songs, or two words.
Mash-ups have even caught on in the tech world. The word pharming is actually a mash-up of the words phishing and farming. Phishing is when a hacker uses an email, text, or social media post asking for your personal and financial information. On the other hand, pharming doesn’t require a lure. Instead of fishing for users, the hacker just sets up a fake website, similar to farming a little plot of land, and users willingly and unknowingly come to them and give them information.
How does it work? Most hackers use a method called DNS cache poisoning. A DNS, or domain name system, is an Internet naming service that translates meaningful website names you enter in (like twitter.com) into strings of numbers for your computer to read (like 22.214.171.124). The computer then takes you to the website you want to go to. In a pharming attack, the hacker poisons the DNS cache by changing the string of numbers for different websites to ones for the hacker’s fake website(s). This means that even if you type in the correct web address, you will be redirected to the fake website.
Now, you go to the site and thinking that it is a legitimate site, you enter your credit card information, or passwords. Now, the hacker has that information and you are at risk for identity theft and financial loss.
To prevent yourself from a pharming attack, make sure you:
- Install a firewall. Hackers send pings to thousands of computers, and then wait for responses. A firewall won’t let your computer answer a ping. The firewalls of some operating systems are “off” as a default, so make sure your firewall is turned on and updated regularly.
- Protect against spyware. Spyware is malware that’s installed on your device without your knowledge with the intent of eavesdropping on your online activity. Spyware can be downloaded with “free” programs so be leery of downloading free software and don’t click links in popup ads or in suspicious e-mails.
- Use comprehensive security software. McAfee LiveSafe™ service includes a firewall and scans your computer for spyware. It also protects all your smartphones and tablets as well. And make sure to keep your security software updated.
Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked! Disclosures.
ROBERT SICILIANO, CEO of IDTheftSecurity.com is fiercely committed to informing, educating, and empowering Americans so they can be protected from violence and crime in the physical and virtual worlds. His "tell it like it is" style is sought after by major media outlets, executives in the C-Suite of leading corporations, meeting planners, and community leaders to get the straight talk they need to stay safe in a world in which physical and virtual crime is commonplace. Siciliano is accessible, real, professional, and ready to weigh in and comment at a moment's notice on breaking news.
- Twitter Crime on the Rise
Twitter is now beginning to see a substantial rise in active users. A recent report found that the percentage of Twitter users who have tweeted ten or more times, have more than ten followers, and follow more than ten people rose from 21% to 29% in the first half of 2010. Spammers, scammers, and thieves are
- Malicious Websites – The Web is a Dangerous Place
McAfee’s latest Threats Report shows a growth in malicious websites replacing botnets as the primary infection mechanism. This means that by just simply visiting a website you could be exposed to malicious things that can do harm to your computer, mobile device, finances or identity. Websites with bad reputations are influenced by the hosting of malicious software (malware), potentially
- 10 Ways to Protect Your Twitter Account From Getting Hacked
Recent news of Twitter accounts being hacked has slowed a bit, partly due to Twitter implementing two-factor authentication. When you sign in to Twitter.com, there’s an option in “Settings” under “Account security” for a second check to require a verification code to make sure it’s really you. You’ll be asked to register a verified phone number and
- Typosquatting for Fun and Profit
Typosquatting, which is also known as URL hijacking, is a form of cybersquatting that targets Internet users who accidentally type a website address into their web browser incorrectly. When users make a typographical error while entering the website address, they may be led to an alternative website owned by a cybersquatter or criminal hacker. Typosquatters often create
- Twitter Scam Hooks Thousands
Twitter’s numbers are astounding. In the physical world, when communities become larger and more densely populated, crime rises. The same applies to online communities. CNET broke down Twitter’s recent blog post, which celebrates their significant numbers: “It took three years, two months, and one day for Twitter to hit 1 billion tweets; now, a billion tweets are posted in