Spoofing, phishing, pharming and what you can do about it.
Spoofing and Phishing
“Spoofing” is the sending of fraudulent email, or faking an Internet address or website. Spoofing and phishing generally go hand-in-hand. “Phishing” is the use of fraudulent email to commit online fraud and identity theft. The “ph” is a common substitute for the letter “f” among Internet hackers, and phishing is an attempt by scammers to troll the sea of online consumers in hopes of netting unsuspecting victims.
Identity thieves send massive numbers of emails to Internet users that ask them to update the account information for their banks, credit cards or popular shopping sites. The email message may claim that the recipient’s account information has expired, been compromised or lost and that the account holder needs to immediately resend it to the company.
Sometimes this fraudulent email appears to have been sent from the domain of a legitimate bank, insurance agency, retailer or credit card company. In fact, the fraudster’s identity has been hidden behind these credible sources in the practice of spoofing. In recent months, scam artists have spoofed millions of online consumers by disguising themselves as PayPal, Citibank, Best Buy, eBay and even the Federal Deposit Insurance Corporation.
Such fraudulent attacks often include emails with official looking links to a web page. Other times, emails ask the recipient to download and submit an electronic form. While these links and forms may appear to be directed to a legitimate business site, they actually take personal information to a site created by the phishing thief.
These messages, forms and web pages all have only one purpose: to persuade the recipient to divulge personal authentication data, such as account user names and passwords, credit card numbers and Social Security numbers. These emails look “official” and, as a result, as many as five percent of recipients respond to them, becoming victims of financial loss, identity theft and other crimes.
Identifying Fraudulent Emails
It is incredibly difficult to detect fraudulent emails, as spoofers have become increasingly sophisticated in their attacks. However, there are certain characteristics Internet users should look for that are common to many fraudulent emails:
- Personal information requests: An indicator of spoof email is a request for the recipient to enter such sensitive personal information as a user ID, password or bank account number by clicking on a link or completing an email form.
- Sender’s address: Email recipients should not rely on the sender’s email address to validate the true origin of the email. While it may look legitimate, the “From” field can be altered easily.
- Threats to accounts: Some spoof emails declare that the recipient’s account is in jeopardy and that verifying information is required to keep the account from being closed, suspended or restricted.
- Lost information: Consumers should be wary of claims that a company is updating its files or accounts. Reputable organizations with an established Internet presence and strong security measures are not likely to lose account information.
- Links: Links that look like they connect to a particular site may have been forged. Always open up a new browser window and manually type in the Web site address.
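The wording and link checks in the list above can be automated. The following Python code is an added example, not part of the original page: it scans a single-part HTML message for the warning phrases listed and flags any link whose visible text names one site while its target points to another. The sample message, the bank.example name and the phrase patterns are constructed assumptions.

```python
import re
from email import message_from_string
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample message; bank.example and 192.0.2.10 are placeholders.
SAMPLE = """\
From: "Example Bank" <service@bank.example>
Subject: Your account will be suspended
Content-Type: text/html

<p>We are updating our files. Confirm your password at
<a href="http://192.0.2.10/login">https://www.bank.example/login</a></p>
"""

CUES = {  # warning signs from the list above; the patterns are assumptions
    "credential-request": r"password|user id|account number|social security",
    "account-threat": r"suspend|closed|restricted",
    "lost-information": r"updating (our|its) (files|records|accounts)",
}

class LinkCollector(HTMLParser):  # collects (href, visible text) per <a>
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def review(raw):
    """Return the warning signs found in one single-part HTML message."""
    msg = message_from_string(raw)
    body = msg.get_payload()
    text = msg.get("Subject", "") + "\n" + body
    found = [name for name, rx in CUES.items() if re.search(rx, text, re.I)]
    collector = LinkCollector()
    collector.feed(body)
    for href, shown in collector.links:
        # Flag only when the visible text names a host other than the target.
        named = re.search(r"[a-z0-9-]+(?:\.[a-z0-9-]+)+", shown.lower())
        actual = urlparse(href).hostname or ""
        if named and named.group(0) != actual:
            found.append(f"link-mismatch:{named.group(0)}->{actual}")
    return found
```

The From header is deliberately not used as evidence of legitimacy, for the reason given in the list: it can be altered easily.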
Catch a Phish
Phishing emails are designed to look like they are sent by legitimate businesses. Can you tell the difference between a fake and the real thing?
- Click here to take the SonicWALL Phishing IQ Test.
- Click on the links to view sample e-mail messages from trusted senders like Visa and Microsoft.
- For each one, decide whether you think it's legitimate or fake.
- After you’ve viewed all 10 sample messages and made a selection on each, hit the “Get your score” button at the bottom of the page to check your results.
Preventing Spoof
- Be extremely skeptical of email received from someone you don’t know.
- Use separate passwords for each online account so that if one is stolen, it will not provide access to the others.
- Select unique passwords and change them every 30 days.
- Do not click on a link embedded within any potentially suspicious email. Always access your accounts by opening a new browser and typing in the entire URL into the address bar.
- Users should not download attachments, software updates or applications via an email link.
- Call your financial institution to verify the account status before divulging information purportedly needed to keep your account out of jeopardy.
- Do not respond to any request for financial information that comes to you via email.
- Update anti-virus software weekly to help deter email viruses.
- Use the most current versions of browsers, anti-virus software and operating systems.
- Check online accounts regularly.
- Install and run firewalls.
- Use an internet service provider that offers built-in virus detection and spam blocking capability.
Pharming
Although it’s been getting a lot of press lately, “pharming” has been around for a few years. It is an online scam that can, without warning, automatically direct a Web browser from a legitimate website to a fraudulent copy of that site. The fake site may collect passwords, social security numbers, account numbers or other personal information. The hackers then harvest your private information and put it to criminal use.
01. The DNS System
To understand how pharming works, you need a little background on the Domain Name System (DNS). The Domain Name System is a large network of Internet computer servers that quietly translate the familiar addresses you type into your browser’s address bar into specific Internet Protocol (IP) addresses.
An IP address is a string of four groups of numbers separated by periods. The IP address for buttecommunity.com is 65.36.206.214.
These servers are basically large directories of common names such as amazon.com, google.com and microsoft.com, and IP addresses that you never see.
For example, if you type buttecommunity.com, this request goes to your nearest DNS server, which then locates the registered IP address at the host server for Butte Community Bank. This system is a lot easier than always remembering 65.36.206.214 or something similar.
02. DNS Poisoning
Unfortunately, this translation process can also be a weak link in the Internet’s infrastructure. When a hacker “poisons” a DNS server, he or she changes the specific record for a domain, sending you to a Web site very different from the one you intended to access – without your knowledge. Usually, the hacker does this by posing as an official who has the authority to change the destination of a domain name.
DNS poisoning is also possible by exploiting software vulnerabilities. Just watching the address bar on your browser won’t inform you of any re-direction. The URL and possibly even the fake site will look just fine.
03. What Butte Community Bank is Doing
- Registrar Lock: Whenever we register or renew a domain name, we enable a feature called Registrar Lock. Once activated, Registrar Lock helps provide protection from domain hijackers and unauthorized domain name transfers. Only Butte Community Bank can turn off Registrar Lock for its domain names.
- Different Servers and Names: Our main website and our online banking site are hosted on separate servers with different domain names.
- Firewall: Our computer systems are protected 24 hours a day by a powerful firewall that blocks unauthorized entry.
- Encryption: From the moment account information leaves your computer to the time it enters our system, all online access and bill pay sessions are encrypted. Butte Community Bank employs some of the strongest forms of encryption commercially available for use on the Web today.
- Technology Updates: In order to confront constantly evolving online threats, Butte Community Bank is committed to using the latest technology to ensure your account security.
04. Protect Yourself
- Change your user ID and password frequently.
- Familiarize yourself with how our site looks and functions. If anything seems odd, call 1-888-842-8883.
- Use anti-virus and intrusion detection software combining proactive and reactive detection systems. The simplest way of manipulating a computer so that it becomes the victim of a pharming attack is by using malicious code, generally Trojan horses. It is highly advisable to use proactive protection systems that can pre-empt threats and block them simply by analyzing their behavior.
- Install a personal firewall. This precaution will prevent a hacker from entering your computer through an unprotected communication port and modifying the system.
- Frequently update the software installed on your computer or have automatic update systems enabled to ensure there are no vulnerabilities that can be exploited in order to launch these kinds of attacks.
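Because the address bar does not reveal a pharming redirect, the check has to compare where a name actually resolves with a known-good record. The following Python code is an added example, not part of the original page: it flags entries in a computer's local hosts file that send a watched name elsewhere, and compares resolver answers against the pinned address. The name and address are the ones given in the DNS section above; treating that address as a pinned value, the hosts-file scenario and the sample file content are assumptions of this example.

```python
import ipaddress
import socket

# Name and address are the ones this page gives; pinning them as known-good is
# an assumption of this example, since a site's hosted address can change.
PINNED = {"buttecommunity.com": {"65.36.206.214"}}

# Constructed hosts-file content; 203.0.113.7 is a documentation placeholder.
SAMPLE_HOSTS = """\
127.0.0.1    localhost
# 65.36.206.214 buttecommunity.com
203.0.113.7  BUTTECOMMUNITY.COM.  # constructed redirect entry
"""

def hosts_overrides(hosts_text, pinned=PINNED):
    """(name, address) pairs where a hosts entry sends a pinned name elsewhere."""
    hits = []
    for line in hosts_text.splitlines():
        fields = line.split("#", 1)[0].split()   # drop comments, split columns
        if len(fields) < 2:
            continue
        try:
            addr = str(ipaddress.ip_address(fields[0]))
        except ValueError:
            continue                              # malformed line, not an entry
        for name in (f.lower().rstrip(".") for f in fields[1:]):
            if name in pinned and addr not in pinned[name]:
                hits.append((name, addr))
    return hits

def check_answers(name, answers, pinned=PINNED):
    """Addresses in a resolver's answer that are not pinned for this name."""
    return sorted(set(answers) - pinned[name.lower().rstrip(".")])

def resolve(name):
    """IPv4 addresses the operating system's resolver returns (needs network)."""
    infos = socket.getaddrinfo(name, 443, socket.AF_INET, socket.SOCK_STREAM)
    return {info[4][0] for info in infos}

if __name__ == "__main__":
    print(hosts_overrides(SAMPLE_HOSTS))
    print(check_answers("buttecommunity.com", ["65.36.206.214", "198.51.100.9"]))
```

On a live machine, pass the result of resolve() to check_answers() and read the real hosts file instead of the sample text.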
