Syshacks Tech Blog » avoid desktop phishing http://blog.syshacks.com We Lead & Other's Follow Mon, 21 Dec 2009 05:10:56 +0000 en hourly 1 http://wordpress.org/?v=3.0.4 Block Desktop Phishing in your PC ! http://blog.syshacks.com/2009/09/13/block-desktop-phishing-in-your-pc/ http://blog.syshacks.com/2009/09/13/block-desktop-phishing-in-your-pc/#comments Sun, 13 Sep 2009 06:40:29 +0000 Shoaib http://blog.syshacks.com/?p=69 In recent times, a new method of phishing has come up.

In Desktop Phishing, Hackers replace your Windows/System32/drivers/etc/hosts file , this file controls the internet browsing in your PC. You can do some mischief there by  interchanging IPs of Yahoo and Google. Such that when you open Yahoo, Google opens.

We can of course do something to Block It. This Tutorial is Exclusively Syshacks.

Here is a screenshot of the File.

Screen 1

I just replaced Yahoo website by Google in my pc.

Screen2

I know you wont believe it but it does Work.

Okay so now the way Hackers are using it is that they change this file and extract it on your PC in some way such that it gets replaced. For e.g they will keep a different ip for paypal.com so even if you type paypal.com in your PC, the Phisher Link will Open. Which is quite dangerous right.


A Nice Solution is given by:

1) Right Click on the File > Properties and set it as Read-Only in the General Tab.

2) A small Macro by Insight Software.

http://www.macros.com/usermacs/umprothosts.htm

Download Link:

http://www.macros.com/download1/usermacs/umprothosts.zip

This macro notifies the user when the HOSTS file has been altered.

Comments and your Solutions are welcome.

]]> http://blog.syshacks.com/2009/09/13/block-desktop-phishing-in-your-pc/feed/ 11