New Phishing Lures

While many phishing lures are working quite successfully today, the ever capitalistic criminals are working on the next level of attack. At present, this is not a big worry, but people are taking notice of the NEW technique(s), so we thought we would talk about them too.

The current phishing lure is usually a bogus email that requests you resend your vital personal information to the bank (usually because the world will come to an end if you don't). The email provides a link to a phony web site.

The problem for the criminals is that too many of us have figured out their scheme. So, time for a new lure.

Part of web surfing involves sending a request for the actual address (IP) of a domain. This translation is done via a domain name server (DNS). So, if you want to go to "www.prairietrail.com", your DNS server will send you to "66.39.25.39".

The new, and deliciously malicious, phishing technique is to make you use another DNS server that will route you to the wrong addresses.

So, how will/does it work? Instead of luring you with an email, they entice you to visit a website. At the web site they hope to give you a bit of malicious code. Any site will do. So, although Adam and Eve might avoid a sight about golden delicious apples, they still might surf to a web site on organic gardening. That code goes into the Windows registry and silently changes the value that tells your computer how to send requests to your proper DNS server (very sneaky, eh?). After that, all your surfing is controlled by another DNS server. You've taken the bait hook line and sinker.

The bogus server will probably give you the proper addresses for most of your surfing (like to prairietrail.com), but when you decide to go to a banking web site... You might never know that the bank's address had been corrupted as you enter your banking information.

But it won't stop there. The second wave of capitalistic criminals will not be content just to steal your money. They will likely start replacing other website addresses with the obligatory pop up ad, pornography, or whatever suites their folly. (Have you ever had some joker change the auto spell correction in MS word? Yeah, like that, only worse.)

Eventually anti-virus software will monitor the values in the registry, there will be lists of deceptive DNS servers, and protection software will validate what you use with that list. The good news is that currently only 0.4% of DNS servers respond with bad information, 2% are questionable, and most people don't use those systems anyway; instead, most of us use our ISP's DNS servers.

At present, this new and improved lure does not appear to be a major problem, but as the current lure was not a big problem five years ago, we should look for ways to prevent, avoid, and discourage the new lure in the near future.

Are you seeing?

The end of year is usually when we managers and business owners reflect on the business. We pull together plans for improving this part of the business or for moving to that part of business. But do we see the problems? For example, Real Estate professionals usually see a much rosier picture of the housing market than others, and the National Association of Realtors still predicts that housing prices will rise.

Yes, we have to react quickly in many cases, but if we are to quick, and come up with a familiar solution, we might miss the real problem.

Programmers see the world through programer-colored glasses, and thus, see problems as needing a programming solution. In fact, they often insist on a specific style of programming (such as Java). Yet, a simpler solution may be the economical way to go.

Of course, there is a very good reason to keep using the same solutions: the time, money, recourses, and headaches already invested! Another solution would require effort and learning. Yet, to keep up with the changing world, sometimes, we may need to try something new.

How do you know if a proposed solution is right? Get emotionally unattached. If you can't do it on your own then talk to other people who don't have that emotional attachment.

Brutally cut out everything that is not essential to the situation. If you were to start the business over, what would be different, what type of customers would you look for, and how would you provide the services they need?

Looking at your business can be a very interesting, albeit scary, exercise. By periodically reexamining everything, we are able to build a much better business.