It appears that, to the modern cracker, phishing is out and "pharming" is in. But what is pharming? Well, this is an attack whereby people visiting legitimate websites (say, a banking website) are diverted to fake domain addresses owned by criminals. The "Troj/BankAsh-A virus
" is the latest in the Pharming story, as viruses have a role to play in this little deception.
Barclays, HSBC, Lloyds TSB and NatWest all feature in the attack list of the virus which is delivered to victims via attachments in spam e-mails. Unlike phishing, which relies on the user clicking on a link to a bogus website, the attack is triggered by the virus itself. This lies inside victims’ computers before automatically redirecting users to a fake website when they try to visit their internet bank. Once password details have been unwittingly revealed, the victims’ accounts are emptied.
These kinds of attacks are "seeded" out to user's PCs through viruses, worms or e-mail attachments without internet browsers knowing that it is lurking on their machine. While there is no real mechanism in place for internet banking sites to prove their identity to users logging on to their accounts, this problem is likely to grow.