San Diego, Calif. April 26, 2005 Anonymizer, Inc. today announced that its online identity protection products now protect against the most sophisticated Internet attack called “pharming.” Statistics from SANS Internet Storm Center show that at least 1,300 sites were compromised through pharming attacks in early March.
There are two ways that online predators can utilize pharming tactics to steal personal and financial information from unsuspecting victims. One tactic corrupts local DNS servers at the network level and the other tactic corrupts a PC’s Host file at the individual level. Both forms of attacks redirect Internet users from legitimate Web sites to malicious sites without their knowledge. In addition, this vicious threat does not rely on the victim taking an action, such as clicking on a link in a bogus email, to trigger an attack.
“The rise of online shopping, Internet banking and electronic bill paying has created a large target for criminals to capture login information, credit card numbers, and more,” says Lee Itzhaki, director of product management at Anonymizer, Inc. “While the industry is scrambling to develop tools to combat pharming attacks, Anonymizer’s sophisticated network-based security model allows us to adapt to a variety of new threats in near real-time without any changes to the user’s software or systems. This proactive protection enables consumers to defend themselves against increasingly sophisticated threats and to continue to enjoy the convenience of the Internet without fear of having their identities stolen or compromised.”
How Pharming Works
When a user types a URL, such as www.google.com, into their Internet browser, a request goes to a local DNS server, which then locates the registered IP address for that Web server. This exchange is the weak link in the Internet’s infrastructure. When a pharmer poisons a DNS server, he changes the IP address for the domain and sends visitors to a completely different Web site, usually without their knowledge.
To understand this process, think of an IP address as a person’s phone number. Similarly, a DNS server would be equivalent to a phone book, which looks up the Web site’s name and produces the IP address. In a pharming attack, the pharmer simply changes the “phone numbers” in the “phone book” and leads users to counterfeit Web sites.
This is also the case with Host file pharming attacks. In addition to corrupting the DNS server, pharmers can also corrupt the Host file on a user’s PC. The Host file is another “phone book” that translates the Web site’s URL into a numeric code. When a pharmer changes the information on a user’s Host file, they change the IP address for a domain and send the visitor to the false site. The user usually has no idea the host file has been changed, nor does the average user know how to check their host file.
Anonymizer Protects Users against Pharming Attacks
Unfortunately, users cannot tell that they have been a victim of a pharming attack by simply looking at the URL in their Internet browsers. In fact, the URL and the site itself will most likely look legitimate to site visitors.
Anonymizer’s online identity protection solutions proactively defend users against pharming attacks by routing all customer Internet traffic through Anonymizer’s protected DNS servers, which are secured against all known instances of pharming attacks. In addition, Anonymizer solutions intercept all browser requests before returning the page to the end user. Due to the fact that the user’s host file is never accessed, people using Anonymizer are protected from these vicious attacks.
Without a single security breach since it’s inception in 1995, the following Anonymizer online identity protection solutions protect users against pharming attacks:
Ã‚Â· Anonymizer Anonymous SurfingÃ¢â€ž? creates an encrypted path between a user’s computer and the Internet to shield them from the most sophisticated methods of online spying and snooping.
Ã‚Â· Anonymizer Total Net ShieldÃ¢â€ž? protects a user’s Internet activity including email, instant messaging, chat, and newsgroup postings.
Ã‚Â· Anonymizer Intelligence ChameleonÃ¢â€ž? provides identity protection and information assurance to organizations that utilize unstructured data management tools to harvest large amounts of information from the Internet.
Ã‚Â· Anonymizer Enterprise ChameleonÃ¢â€ž? shields Enterprise users’ identities and provides information assurance when conducting online research.
Visit www.anonymizer.com/pharming for more information on pharming attacks and to learn how Anonymizer solutions protect users against this malicious threat.
About Anonymizer, Inc.
Anonymizer is the leading provider of Internet privacy and security solutions for consumers, corporations, organizations, and government agencies. The company provides safe and secure Web experiences to over two million global Internet users. Anonymizer identity protection solutions have been used to protect over four billion Web pages since the company’s inception in 1995. Anonymizer is privately held and headquartered in San Diego, California. www.anonymizer.com/pharming