Digital Tattoo: Your digital identity matters. Let’s discuss.

Outwit Pharming

Watch

OpenClose

Watch

Video credit: How AI Image Generators Make Bias Worse – posted by LIS – The London Interdisciplinary School on YouTube

Think

OpenClose

Think

Which is more commonly a target for pharming attacks?
- Individuals.
- Companies.
This is true in the sense that individuals trigger attacks. Pharming, however, is most commonly implemented by means of a legitimate company’s website. Norton.com has good resources for learning about the intricacies of cybercrime.
Right! While an individual has to fall for it, company websites are the most common target of pharming attacks. Norton.com has good resources for learning about the intricacies of cybercrime.
What is 'phishing'?
- A type of scam that relies on falsified links.
- A way to spend a lazy afternoon on the river.
- Oddly spelled.
- Frequently a precursor to identity theft.
Exactly. This form of attack is very well-known, and many companies append warnings to their messages. The safest course of action is to keep an eye on your URL bar and never give out passwords over email. Learn more about the dangers of online scams with our article on phishing.
You’re thinking of fishing, which is definitely outside the scope of Digital Tattoo. Learn more about the dangers of online scams with our article on phishing.
True enough, but guess again!
This is also true, particularly when the information ‘phished’ is identifying and sensitive – passwords, usernames, personal information. Learn more about the dangers of online scams with our article on phishing.
Why is the https:// prefix helpful?
- It keeps me secure.
- It ensures my privacy.
- It provides encryption and authentication.
Not necessarily – it does protect against man-in-the-middle attacks, but won’t ensure your security on the other end. Find out more about the https:// prefix on Wired.com.
While it will protect against falsification attacks, the https:// prefix can’t do anything to stop ‘trusted’ sites from breaching your privacy. It can only ensure you’re actually talking to those sites. Find out more about the https:// prefix on Wired.com.
This is exactly what it does, and this is useful for protecting yourself from man-in-the-middle attacks! Just be careful whom you trust. Find out more about the https:// prefix on Wired.com.

Explore

OpenClose

Explore

Attackers use many different methods to obtain personal information so as to steal a victim’s identity. Two popular methods are ‘pharming’ and ‘phishing’. Both methods trick the user into believing the attacker is someone – or something – they’re not. Falling victim to either form attack could cause an individual to lose control of their identity.

Phishing

Phishing is when the hacker poses as a trustworthy source and asks the victim to give out personal information, or follow a link to an unsafe website. Often phishing scams messages or emails appear to be from legitimate companies. Phishing can take several forms:

Phishing Emails: Scammers might send you an email from a domain or email address that is similar to a real, trustworthy person or company, but is spelled slightly differently. Sometimes these emails might contain telltale poor grammar and spelling mistakes, but other times (particularly as AI makes it easier to write convincing professional emails), they can be very convincing.
Smishing: Smishing is like phishing, except over SMS or text messages. Smishing messages might alter the sender ID of a text message to make it appear as though it was sent by a trusted phone number or business.
Voice Cloning: Using AI, it is possible for scammers to convincingly imitate other peoples’ voices. This means that scammers could send you voice messages that sound like they come from a trusted family member, friend or coworker.

To protect yourself against phishing:

If you think an email or message is suspicious, ask the sender to confirm whether the message was real using another means of communication.
Practice identifying suspicious messages, by looking through some examples of phishing emails and messages from the Canadian Anti-Fraud Centre, here. You can also read about recent frauds and scams involving AI on the AI Incident Database.
Be especially wary of links sent to you by email or text message. These links could lead to websites that look legitimate but are run by scammers who collect your data to commit fraud.
If you do want to follow a link sent to you by email or text, first verify the sender’s address and check that the linked website begins with “https://”.
To protect yourself from phishing attempts involving voice cloning, come up with a password or special phrase with your family, to identify yourselves in case of emergency.

Pharming

Pharming is a method of identity fraud that takes over a legitimate website or server in order to scam innocent people out of their money. A hacker changes the settings of a server so that when you enter the address of a legitimate website, it redirects you to a fake or a copy of the original site hosted somewhere else. Any data entered on this fake site is then stored on the server of this hacker. The diagram below details how a typical pharming set-up might work. Click on the image to see a larger version, then use your browser’s back button to return to this page.

Image from palisade.plynt.com

There are many ways people can try to steal your identity online and offline. Pharming is mostly targeted at companies’ websites and not individual users. While legitimate companies try to prevent this by installing defensive software and monitoring their web traffic, there are some things you can do to help protect yourself against pharming.

Always check that the website has security certificates and that the web address starts with https://
Read our online tutorial on Wi-fi hotspot security.
Check your bank and credit card statements regularly and report any suspicious charges.

Links

OpenClose

Discuss

The Digital Tattoo Project encourages critical discussion on topics surrounding digital citizenship and online identity. There are no correct answers and every person will view these topics from a different perspective. Be sure to complete the previous sections before answering the questions.

Have you ever experienced a phishing or pharming attack? What did you do?
What steps can you take to minimize your risk of falling victim to phishing or pharming?

What do you think? Tell us using the comment below.

Content maintained by The Digital Tattoo Team

Outwit Pharming

Watch

Think

Explore

Phishing

Pharming

Links

Discuss

Leave a Reply Click here to cancel reply.