Indiana U. student warns of new Internet fraud method
(Comtex Business Via Thomson Dialog NewsEdge)BLOOMINGTON, Ind., Feb 22, 2006 (Indiana Daily Student, U-WIRE via COMTEX) --As the ever-expanding age of the Internet develops further, so do the problems, such as identity theft and computer viruses, that accompany it. University Information Technology Services provides Indiana University students with information about security to prevent identity theft over the Internet and even free anti-virus software for IU students at its Web site. Now, however, even that might not be enough protection for users.
Alex Tsow, a graduate student of computer science, has conducted research that shows students should not only be wary of suspicious "phishing" e-mails, but also of suspicious hardware that can perpetuate the attacks.
Phishing is a method of identity theft in which a created Web site mimics a legitimate company's and deceives the user into providing his or her personal information, Tsow said.
Tsow presented his research, titled, "Phishing with Malicious Consumer Electronics," Tuesday to fellow students. The presentation focused on a new type of phishing attack that employs the use of a home router.
Tsow explained how hackers and people with working knowledge of routers are able to buy an over-the-counter router and then change the internal settings so that it connects to different Web sites in order to obtain restricted information for identity theft and steal money.
Tsow has been working on this project with Markus Jakobsson, associate professor of Informatics, for about a month.
As part of his research, Tsow bought a router and altered its internal settings to misdirect the user from eBay.com to that of the Anti-Phishing Working Group Web site, www.antiphishing.org. Though the router successfully misdirected the user to the new site, the address still appeared as www.ebay.com in the URL bar.
Tsow said once a router's settings have been changed, it is referred to as a compromised router.
"Anti-virus programs check your computer's memory and hard drive. They have no access to the router, so it isn't checked," Tsow said.
Some compromised routers are even more difficult to detect because the attacker can revert the router to its original settings, which removes the evidence of a phishing attack having taken place, Tsow said.
"It only takes a few minutes to change the settings on a router," he said. "I could probably do around 20 per hour."
Tsow's research found the average identity fraud in 2006 costs about $6,000 and estimated that if someone sold 15 compromised routers per week for one year and had three victims for each router, that person would end up stealing a little less than $15 million in just one year.
"It makes you paranoid. It's hard to know what to trust," said Divya Aggarwal, a graduate student of Informatics.
Tsow said there is currently no easy solution to this problem. However, he shared some preventive measures wireless network users can practice in order to avoid the effects of a compromised router. He said to accept only signed firmware from trusted hardware vendors and set default policies to never accept self-signed certificates. Tsow said he is changing his browsing habits on wireless networks to be more careful.
"I would fall for most of this if I didn't know better," he said.
[ Back To TMCnet.com's Homepage ]