One of the most valuable currencies on the internet is information, and there are attackers dedicated to accruing it around the clock. Shared below are some of more commonly used techniques.
Pharming is also referred to as Domain Name System (DNS) poisoning. Pharming modifies a system’s host files or domain name system to automatically redirect users to a fake URL or website, even if the user enters the correct web address or uses a bookmarked page. When successful, this form of phishing can collect the desired information with the user none the wiser as they have navigated to legitimate website.
Content Injection phishing is similar to pharming in that it uses a legitimate website to compromise the user’s personal information. The difference being that the hack/malware is added to the back end of a legitimate website instead of the user’s device. With this type of phishing, the hacker is able to mislead and redirect the user to get them to give up their personal information.
These two forms of phishing may be a little harder to detect without the proper tools
Man-in-the-middle (MitM) attacks occur when a hacker sets up between the user and the websites they are trying to use, like an online banking site or even social networking page. They then take the users’ information as it’s being entered, making it harder to detect this type of phish.
Search Engine Phishing
Search engine phishing is executed by hackers creating malicious webpages. They often contain enticing offers and attempt to get users to click on the page, when it is pulled up as a result from a search engine query. It’s important to pay attention to the web addresses you are being directed to in order to avoid being tricked into providing your personal information.
- Use anti-virus and spyware software
- Antivirus and spyware software is sometimes underrated. Having the software on all of your devices can seriously reduce the risk of pharming and content injection phishing schemes.
- Make sure all of your programs, apps, and tools are up to date.
- When updates are pushed they ensure that vulnerabilities are detected and patched, and if the updates aren’t installed, it can put your device(s) at risk.
Detailed information regarding phishing scams and other IT security topics are available on our IT Security website at: www.fordham.edu/SecureIT or from our blog at fordhamsecureit.blogspot.com
If you have any questions or concerns, please contact IT Customer Care at (718) 817-3999 or via email to: HelpIT@fordham.edu.