Anonymizer Offers Phishing Defense

Anonymizer 2005 defends against pharming, a particularly insidious form of phishing.

Thomas Claburn, Editor at Large, Enterprise Mobility

February 9, 2005

2 Min Read

Internet privacy and security company Anonymizer Inc. has released an upgrade of its identity-protection software, Anonymizer 2005, to defend against a particularly insidious form of phishing that's been on the rise over the past few months.

"This kind of phishing is different from the kind you usually see," says Lance Cottrell, president and founder of Anonymizer. The Anti-Phishing Working Group, an association of businesses and law-enforcement organizations, calls it "pharming."

Phishing attacks traditionally rely on social-engineering techniques to dupe users into clicking on disguised links that take them to phony bank sites set up to capture sensitive information. Pharming, or "host-file phishing," relies on Trojans, worms, or viruses, some of which attack programs like Microsoft Outlook through E-mail. Once a machine is infected, the malware alters the computer's host file so that when a user types in the Web address for his or her bank, the browser sends the user to the phisher's fake bank site.

This technique takes advantage of the fact that banks have been telling customers to type their Web addresses into browsers manually rather than clicking on links to avoid a phishing scam.

Host-file phishing can usually, but not always, be prevented with antivirus or anti-spam software or hardware, which blocks the malware that alters the host file. Disabling Windows Scripting Host, a common procedure for security-conscious businesses, also offers some measure of protection by preventing potentially hostile Visual Basic Scripts sent as E-mail attachments from executing. But once a computer gets infected and its host file gets altered, defense can be difficult.

Anonymizer's software solves this problem by redirecting the user's Web traffic through its servers and resolving domain names there, rather than using a compromised host file. And, as its name suggests, Anonymizer 2005 encrypts the user's Web traffic and conceals the user's IP address so that advertisers and Web sites can't track the user.

The announcement of Anonymizer 2005 coincides with National Consumer Protection Week, as designated by the Federal Trade Commission.

About the Author(s)

Thomas Claburn

Editor at Large, Enterprise Mobility

Thomas Claburn has been writing about business and technology since 1996, for publications such as New Architect, PC Computing, InformationWeek, Salon, Wired, and Ziff Davis Smart Business. Before that, he worked in film and television, having earned a not particularly useful master's degree in film production. He wrote the original treatment for 3DO's Killing Time, a short story that appeared in On Spec, and the screenplay for an independent film called The Hanged Man, which he would later direct. He's the author of a science fiction novel, Reflecting Fires, and a sadly neglected blog, Lot 49. His iPhone game, Blocfall, is available through the iTunes App Store. His wife is a talented jazz singer; he does not sing, which is for the best.

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like

More Insights