
with pharming is the fact that the URL will display the target correctly, such
as www.paypal.com, but the IP address is the attacker’s. More specifically,
BankAsh would interject via Internet Explorer if it detected you were going to
a specific organization’s URL and would inject the attacker HTML over the site
locally. This would make it so that you never actually went to a phisher’s site,
thus there would be nothing to detect or shut down.
To add to the chaos, pharming is usually easier than you might think.
Cable companies providing Internet service, such as Adelphia and Cox Cable,
allow ARP poisoning, which would enable phishers to use simple tools ...