A week or so ago I wrote an article on Surfing on Public Computers? – Stay Anonymous in which I stated, “You have a number of choices when it comes to anonymous surfing. You can use a free proxy server service; not my personal first choice – but that’s fodder for another article!”
Now comes word from Panda Security that in some cases public proxy DNS’s, the database that associates numeric IP addresses (206.4.XX.XXX) with URLs, microsoft.com for example, have been known to have been modified.
The modification consists of changing the legitimate association for a fraudulent one, so that when users type a specific URL, they are redirected to a fraudulent page. For example, if users try to log onto their banking web site, the server could redirect them to a phishing site which resembles the legitimate page, but which is designed to steal their bank details.
According to Luis Corrons, Technical Director of PandaLabs, “The danger of this type of attack is, users with malware-free, up-to-date computers with a good firewall, etc. could fall victims to these attacks”.
To reduce the risk of phishing attacks it’s important not to use anonymizer services if you’re accessing sites at which confidential data (e.g. online banks, pay platforms, etc.), is being transmitted.
It’s equally as important that you use a browser add-on such as McAfee Site Advisor, LinkScanner Lite, or WOT (Web of Trust), so that you have a first line of defense against this type of attack.
If you’re interested in learning more about web spoofing, there is an excellent article at Princeton University’s web site entitled Web Spoofing: An Internet Con Game