In the article immediately following this article, “OperaTor and XeroBank – Surf the Internet Anonymously”, I stated, “You have a number of choices when it comes to anonymous surfing. You can use a free proxy server service; not my personal first choice – but that’s fodder for another article!”
Well, there’s no time like the present, so here is that article.
In some cases public proxy DNS’s, the database that associates numeric IP addresses, e.g. (206.4.XX.XXX) with URLs, have been known to have been modified.
The modification consists of changing the legitimate association for a fraudulent one, so that when users type a specific URL, they are redirected to a fraudulent page. For example, if users try to log onto their banking web site, the server could redirect them to a phishing site which resembles the legitimate page, but which is designed to steal their bank details.
The following graphic shows a spoofed banking site.
(Click pic for larger)
The danger of this type of attack is – even users with malware-free, up-to-date computers with a good firewall, etc. could easily fall victim to these attacks.
To reduce the risk of phishing attacks it’s important not to use anonymizer services if you’re accessing sites on which confidential data (e.g. online banks, pay platforms, etc.), is being transmitted.
It’s equally as important that you use a browser add-on such as WOT (Web of Trust), so that you have a first line of defense against this type of attack. I strongly recommend that you use WOT as your primary Internet Browser protection. For more information, read “Love WOT And It Will Love You Right Back!” on this site.
If you’re interested in learning more about web spoofing, there is an excellent article at Princeton University’s web site entitled Web Spoofing: An Internet Con Game.