Phishing and Pharming
The Internet offers you the opportunity
to bank in safety at your convenience. There is no reason
why it should not be used with confidence, but you should
not relax your guard when online. Understanding the risks
posed by "phishing" and "pharming" can
help mitigate those risks.
What is phishing?
Phishing - as in fishing for confidential information - is
the name given to the practice of sending emails at random
purporting to come from a genuine company operating on the
Internet. The emails are an attempt to trick consumers into
disclosing personal information at a false Web site; that
information may later be used to commit fraud and/or identity theft.
In a typical case, the consumer receives
an e-mail appearing to originate from a financial institution
that requests personal or financial information. The e-mail
often indicates that the consumer should provide immediate
attention to the situation described by clicking on a link.
The provided link appears to be the Web site of the financial
institution. However, in "phishing" scams, the link
is not to an official Web site, but rather to a phony Web
site.
Once inside that Web site, the consumer may be asked to provide
a Social Security number, account numbers, passwords or other
information used to identify the consumer, such as the maiden
name of the consumer's mother or the consumer's place of birth.
When the consumer provides the information, those perpetrating
the fraud can begin to access consumer accounts or assume
the person's identity.
How can I prevent becoming a victim of phishing?
The key thing to remember is that you should remain alert
and be suspicious of all unsolicited or unexpected emails
you receive, even if they appear to originate from a trusted
source. Commerce Bank may contact you by email, but we will
never ask you to reconfirm your login or security password
information by clicking on a link in an email. Follow the
simple rule to never disclose your password or complete confidential
personal information to any site which asks you for it by
email.
What is pharming?
While pharming is similar to phishing in that both practices
try to entice individuals to enter personal information on
a fraudulent Web site, which may later be used to commit fraud
and identity theft, they differ in how they direct individuals
to that site:
Pharming is the practice of redirecting
an individual to an illegitimate Web site through technical
means. For example, an Internet banking customer who routinely
logs in to his or her online banking Web site may be redirected
to an illegitimate Web site instead of reaching the bank's
Web site.
Pharming can occur in different ways:
- Static domain name spoofing:
The "pharmer" committing the fraud attempts to
take advantage of slight misspellings in domain names to
trick users into inadvertently visiting the pharmer's Web
site. For example, a pharmer may redirect a user to bakatcommerce.com
instead of bankatcommerce.com, the site the user intended
to access.
Commerce Bank combats this activity by employing digital
certificates. Legitimate Web servers can differentiate themselves
from illegitimate sites by using digital certificates. Web
sites using certificate authentication are more difficult
to spoof. Consumers can use the certificate as a tool to
determine whether the site is trustworthy.
- Malicious software (Malware):
Viruses and Trojans are latent malicious code or devices
that secretly capture data on a consumer's personal computer.
They have the ability to intercept the user's request to
visit a particular site and redirect the user to the site
that the pharmer has set up.
Commerce Bank recommends that all Internet users, especially
those who use Mane-Link Internet Banking, install
current versions of virus detection software, firewalls
and spyware scanning tools. By employing these tools you
greatly reduce the risk of computer infections. It is also
critical that you update and patch these tools as often
as possible.
- Domain hijacking:
A hacker may steal or hijack a company's legitimate Web
site, allowing the hacker to redirect all legitimate Internet
traffic to an illegitimate site. Domain names generally
can be hijacked if the legitimate owner is not vigilant
in managing and protecting its rightful domain name.
Commerce Bank diligently manages its domain names by ensuring
that the domain names are renewed automatically and in a
timely manner. Commerce Bank also maintains locks on the
domain names to avoid unauthorized domain slamming. Commerce
Bank has also registered several similar domain names and
redirected those domain names to our own site.
- DNS poisoning:
The most dangerous instance of pharming may be Domain Name
Server (DNS) poisoning. Domain name servers are similar
to Internet road map guides. When an individual enters bankatcommerce.com
into his or her browser, DNS servers on the Internet translate
the web site name into an Internet protocol (IP) address,
which provides routing directions. After the DNS server
provides this address information, the user's connection
request is routed to bankatcommerce.com.
There are only 13 root DNS servers for the entire
Internet, which are closely protected and controlled. Most
requests are directed by a local DNS server before they ever
reach a root DNS server. Local DNS servers can be "poisoned"
to send users to a Web site other than the one that was requested.
This poisoning can occur as a result of misconfiguration,
network vulnerabilities or Malware installed on the DNS server.
Commerce Bank combats this practice by diligently
monitoring web site traffic. Any disruption to normal Internet-related
traffic alerts our staff to the problem. In addition, the Internet
Banking servers are secured within a DMZ, and hardened against
unauthorized access.