Top Layer Networks has announced that its Attack Mitigator IPS 5500 can be used by service providers to proactively protect their customers from a new scam that uses “DNS Cache Poisoning” to cheat innocent Internet users. This new type of attack injects false information into DNS servers, which route traffic by matching domain names with IP addresses at Web hosts, allowing hackers to redirect users to bogus Web sites. These so called “pharming” attacks redirect requests from legitimate financial or online transaction sites to look-alike fraud sites.

In the past, phishing attacks usually consisted of official-looking emails from financial services institutions trying to link to what looks like an official site but is actually an unrelated Web site. Thousands of users unwittingly suffered identity theft by serving up their personal user and password information, which was then used to gain access to their personal banking and credit card accounts.

Pharming, using DNS cache poisoning, is far more sophisticated and accomplishes the same thing by redirecting a legitimate Web site address to a scammer’s site. How this differs from traditional phishing is that a user attempting to directly access their online bank account may think they are on their bank’s Web site, but in reality have been secretly redirected to the scammer’s look-alike Web site and they are giving up personal information to a scammer. This is especially insidious, because the user is never required to click an email attachment or click on a link that was sent to them. In this case, the user is simply returning to a Web site they may have visited many times previously.

Peter Rendall, CEO and President of Top Layer Networks commented, “In recent weeks there have been a number of DNS poisoning attacks that have all the earmarks of a proof-of-concept that has the potential to be the next wave of phishing scams. Internet service providers have an obligation to protect their DNS infrastructures from these sophisticated attacks or face the reality of possible liability as users’ confidential information and financial accounts are compromised.”

Through its sophisticated built-in checks, the IPS 5500 is able to prevent the customer from being redirected to a false site. Top Layer executes high performance, non-disruptive deep packet inspection and analysis coupled with intelligent blocking of attacks through TopFire™ second-generation ASIC technology and TopInspect™ Deep Packet Inspection.