Britain's New Scientist magazine reports hackers can now trick computers to misdirect users to fake Web sites that steal personal information.
First a hacker sets up a fake Web site to capture any information entered. He or she then sends an e-mail to a bogus address. The computer server of the company or Internet service provider where the e-mail is aimed automatically responds. During this exchange, the hacker plants malicious software in the cache of the target server. The code redirects queries to popular Web sites, such as the site of a large bank, to the fake, or "poisoned," Web site, the magazine reported.
When users try to access popular sites, even if they type correct addresses in directly, they are redirected. They may never realize they have been routed to the poisoned site.
Patches to virus software already have been issued to combat the new scam, but servers can pass along the poisoned site addresses to new servers that are not upgraded properly.
© Copyright 2005 by United Press International
