Web Site Spoofing – The Danger of Public Proxy Servers

computer-attacks.jpgA week or so ago I wrote an article on Surfing on Public Computers? – Stay Anonymous in which I stated, “You have a number of choices when it comes to anonymous surfing. You can use a free proxy server service; not my personal first choice – but that’s fodder for another article!” 

Now comes word from Panda Security that in some cases public proxy DNS’s, the database that associates numeric IP addresses (206.4.XX.XXX) with URLs, microsoft.com for example, have been known to have been modified. 

The modification consists of changing the legitimate association for a fraudulent one, so that when users type a specific URL, they are redirected to a fraudulent page.  For example, if users try to log onto their banking web site, the server could redirect them to a phishing site which resembles the legitimate page, but which is designed to steal their bank details.

According to Luis Corrons, Technical Director of PandaLabs, “The danger of this type of attack is, users with malware-free, up-to-date computers with a good firewall, etc. could fall victims to these attacks”. 

To reduce the risk of phishing attacks it’s important not to use anonymizer services if you’re accessing sites at which confidential data (e.g. online banks, pay platforms, etc.), is being transmitted. 

It’s equally as important that you use a browser add-on such as McAfee Site Advisor, LinkScanner Lite, or WOT (Web of Trust), so that you have a first line of defense against this type of attack. 

If you’re interested in learning more about web spoofing, there is an excellent article at Princeton University’s web site entitled Web Spoofing: An Internet Con Game

5 Comments

Filed under Anonymous Surfing, Anti-Malware Tools, Freeware, Internet Safety Tools, Malware Advisories, Online Banking, Online Safety, Phishing, Safe Surfing, System Security, Windows Tips and Tools

5 responses to “Web Site Spoofing – The Danger of Public Proxy Servers

  1. Anonymous Web Surfing prevents data spies from unauthorized tracking of your Internet activity.Please beware of some of the services being offered by some free proxies as some have been known not to work properly.
    Sometimes its better to pay something small towards the service (some of them charge as little as $5 per month.

  2. I’m surpirsed there wasn’t a mention of Anonymizer. This is their bread and butter and have a few different solutions from anonymity online.

  3. The challenge with any public webproxy is that most institutions block these well known proxies… well we all got to the same resources to find a good proxy server. As Jack said, the software solution is a better option as it track new proxies and use them avoiding any blocks implemented by the system administrator. Just my $0.02.

  4. Don’t block me, bro

  5. A good proxy webmaster would never do this, one should always transmit the data unaltered back to the user. Its people who do this that give those of us who try to run good web proxies a bad name.