Identity Thieves’ New Ploy: Pharming_在线英语听力室

(单词翻译:双击或拖选)

Identity Thieves’ New Ploy¹: Pharming

San Jose Mercury News,

Knight² Ridder Newspapers.

Distributed by Tribune Media Services International.

In these high-tech³ times, criminals are finding new ways to wreak⁴ havoc⁵ on society

First online crooks⁶ went “phishing” to reap their harvest of potential identity-theft victims. Now they’re getting into “pharming.” Phishing uses e-mail spam to deliver fake messages designed to look like they’re coming from banks or other legitimate⁷ companies. These messages lure⁸ many unsuspecting individuals into revealing personal or financial information.

Pharming is a new scam that automatically directs computer users from a legitimate Web site to a fraudulent copy of that site. The fraudulent site collects passwords, credit-card numbers or other private information. Pharming uses a fundamental Internet technology known as the Domain⁹ Name System, or DNS. DNS servers translate a Web site’s address into a numerical code for Internet routing. A hacker¹⁰ breaks into an Internet service provider’s DNS servers and switches legitimate addresses stored in the server’s “cache,” a temporary holding area, with bogus addresses. This practice is called “DNS poisoning.”

Why is pharming so dangerous

Pharming cuts out the need for a response from the victim as required by phishing schemes, where the recipient¹¹ of the scam e-mail must open the message and link to the bogus site. “It’s almost entirely¹² out of the user’s hands. They’re simply connecting to a Web site that they believe is a legitimate site,” said Oliver Friedrichs, a senior manager for Symantec’s Security Response Center. “If you look at phishing like you’re pulling individual fish out of the ocean, pharming would be more like you’re throwing a big net.”

On a positive note, users may get tipped off they are on a pharming site because the log-in process or information will not look the same as on the legitimate site, said Christopher Faulkner, CEO of CI Host. He added that the scam sites would most likely ask users for information that is not normally required.

Vocabulary Focus

wreak havoc (idiom) to cause destruction or damage, usually in a violent, confusing or uncontrolled way

fraudulent (adj) [5frC:djulEnt] dishonest and illegal; intended to deceive

out of one’s hands (idiom) no longer one’s responsibility

Specialized¹³ Terms

pharming (n) 网址嫁接 a scam used to obtain personal or private (usually financial related) information by redirecting Web users to phony sites where criminals can capture passwords and other private information

hacker (n) 黑客 a skilled computer user who breaks into someone else’s computer system without permission in order to find out information or do something illegal

身份窃贼新伎俩：网址嫁接

张梵译

值此高科技时代，不法人士正在找寻大肆破坏社会的新方法

网络骗子起初利用“网络钓鱼”窃用潜在受害者的身份获利，如今他们开始利用“网址嫁接”。

网络钓鱼利用垃圾电子邮件，传递看似来自银行或其它合法公司的不实信息，这些讯息吸引了许多无疑虑的人士透露个人或财务资料。

网址嫁接是一种新型骗局，会自动将计算机使用者从一合法网站转接至诈骗版本的同名网站。欺诈网站会收集密码、信用卡号及其它个人资料。网址嫁接使用称为“网域名称系统”或简称 DNS 的基本互联网络技术；DNS 服务器将网址转换成数字代码，以利网际网络决定路由过程。黑客会入侵互联网络服务业者的 DNS 服务器，将储存于服务器“快取区”（即暂存区）的真实网址改为伪造网址，这一做法称为“域名系统下毒”。

为什么网址嫁接这这么危险？

网址嫁接不需要受害者的响应，不像网络钓鱼骗局中诈骗邮件收件者必须开启邮件并链接至诈骗网站。诺顿安全应变中心资深经理奥立佛·弗雷德里希说：“使用者可以说是完全无辜；他们自认为链接到了一个合法的网站。如果你把网络钓鱼想成是把鱼一条条从海中钓出，网址嫁接更像撒下大网来捞鱼。”

所幸网址嫁接有迹可寻，让使用者知道已经进入网址嫁接网站。CI Host 执行官克里斯多佛·福克纳说，网址嫁接网站的登陆过程或所显示信息与真实网站不同。他又说，诈骗网站也很可能会询问使用者一些一般而言不须询问的资料。

点击

收听单词发音

1 ploy
n.花招，手段
参考例句：
I think this is just a government ploy to deceive the public.我认为这只是政府欺骗公众的手段。 Christmas should be a time of excitement and wonder,not a cynical marketing ploy.圣诞节应该是兴奋和美妙的时刻，而不该是一种肆无忌惮的营销策略。

2 knight
n.骑士，武士；爵士
参考例句：
He was made an honourary knight.他被授予荣誉爵士称号。 A knight rode on his richly caparisoned steed.一个骑士骑在装饰华丽的马上。

3 high-tech
adj.高科技的
参考例句：
The economy is in the upswing which makes high-tech services in more demand too.经济在蓬勃发展，这就使对高科技服务的需求量也在加大。 The quest of a cure for disease with high-tech has never ceased. 人们希望运用高科技治疗疾病的追求从未停止过。

4 wreak
v.发泄；报复
参考例句：
She had a burning desire to wreak revenge.她复仇心切。 Timid people always wreak their peevishness on the gentle.怯懦的人总是把满腹牢骚向温和的人发泄。

5 havoc
n.大破坏，浩劫，大混乱，大杂乱
参考例句：
The earthquake wreaked havoc on the city.地震对这个城市造成了大破坏。 This concentration of airborne firepower wrought havoc with the enemy forces.这次机载火力的集中攻击给敌军造成很大破坏。

6 crooks
n.骗子( crook的名词复数 )；罪犯；弯曲部分；（牧羊人或主教用的）弯拐杖v.弯成钩形( crook的第三人称单数 )
参考例句：
The police are getting after the crooks in the city. 警察在城里追捕小偷。来自《简明英汉词典》 The cops got the crooks. 警察捉到了那些罪犯。来自《简明英汉词典》

7 legitimate
adj.合法的，合理的，合乎逻辑的；v.使合法
参考例句：
Sickness is a legitimate reason for asking for leave.生病是请假的一个正当的理由。 That's a perfectly legitimate fear.怀有这种恐惧完全在情理之中。

8 lure
n.吸引人的东西，诱惑物；vt.引诱，吸引
参考例句：
Life in big cities is a lure for many country boys.大城市的生活吸引着许多乡下小伙子。 He couldn't resist the lure of money.他不能抵制金钱的诱惑。

9 domain
n.(活动等)领域，范围；领地，势力范围
参考例句：
This information should be in the public domain.这一消息应该为公众所知。 This question comes into the domain of philosophy.这一问题属于哲学范畴。

10 hacker
n.能盗用或偷改电脑中信息的人，电脑黑客
参考例句：
The computer hacker wrote that he was from Russia.这个计算机黑客自称他来自俄罗斯。 This site was attacked by a hacker last week.上周这个网站被黑客攻击了。

11 recipient
a.接受的,感受性强的 n.接受者,感受者,容器
参考例句：
Please check that you have a valid email certificate for each recipient. 请检查是否对每个接收者都有有效的电子邮件证书。 Colombia is the biggest U . S aid recipient in Latin America. 哥伦比亚是美国在拉丁美洲最大的援助对象。

12 entirely
ad.全部地，完整地；完全地，彻底地
参考例句：
The fire was entirely caused by their neglect of duty. 那场火灾完全是由于他们失职而引起的。 His life was entirely given up to the educational work. 他的一生统统献给了教育工作。

13 specialized
adj.专门的，专业化的
参考例句：
There are many specialized agencies in the United Nations.联合国有许多专门机构。 These tools are very specialized.这些是专用工具。

在线英语听力室_免费在线英语听力学习网站

Identity Thieves’ New Ploy: Pharming