First, check out this article:

http://www.desktoppipeline.com/showA...leId=159907308

This caught my eye:

More important, however, is that phishing without an accompanying e-mail "lure" is becoming more common. So called "pharming" attacks don't rely on legitimate-looking e-mails to lure users to fake Web sites, but automate that process by planting malicious code on vulnerable systems, then modifying the PC's HOSTS file to point to fraudulent sites rather than to the real deal.
So, I'm just now learning about the HOSTS file and what that's all about. A computer checks its HOSTS file when trying to resolve a hostname to an IP, right? Then if it doesn't see it in the HOSTS file, it moves on to query DNS (correct me if I'm wrong, I'm just now learning the details of this).

So, does that mean these "pharmers" are actually using malware to alter the listings in the HOSTS file so that if I typed, for example, "www.yahoo.com" it would check the corrupted HOSTS file and instead take me somewhere like "www.yaho0.com", where a phishing scam would happily await me?

If so, that's darn interesting. Those of you who are gurus at this please expand on this and enlighten us...

Second, look at this:

On Monday, Websense said it had received reports of a phishing attack directed at Monster.com, the online job posting Web site. Users receive a spoofed e-mail, supposedly from Monster.com's customer service, saying that their account has been suspended, and that they need to log in to check their information.
Interesting target, eh? Do you think the author is on the right track with his deductions, or is he perhaps overlooking something? I'm wondering myself... this could open the door for some really interesting social engineering attacks, I would think, given that this phishing tactic involves resumes. What do you think?

Discuss!
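The HOSTS-file tampering described in the first article is easy to check for from the defender's side: parse the file and flag any hostname pinned to an address other than loopback or a 0.0.0.0 sinkhole. The script below is an added example, not code from the original post or the quoted article; the HOSTS contents, the bank domain names and the 203.0.113.45 address are all constructed for illustration.

```python
"""Detect pharming-style tampering in a HOSTS file: parse it and flag any
hostname that is mapped to something other than loopback or a sinkhole."""
import ipaddress

# Constructed sample HOSTS file (hypothetical; the two bank lines imitate what
# pharming malware plants: a real-looking site name pointed at an attacker IP).
SAMPLE_HOSTS = """# Copyright (c) 1993-2009 Microsoft Corp.
127.0.0.1       localhost
::1             localhost
203.0.113.45    www.example-bank.com   # constructed, TEST-NET-3 address
203.0.113.45    example-bank.com
0.0.0.0         ads.example.net        # a common, benign ad-blocking entry
"""

LOOPBACK = {"127.0.0.1", "::1"}
SINKHOLE = {"0.0.0.0"}  # "resolve to nowhere" entries are treated as benign


def parse_hosts(text):
    """Return a list of (ip, hostname) pairs, ignoring comments and blanks."""
    entries = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop inline comments
        if not line:
            continue
        parts = line.split()
        ip, names = parts[0], parts[1:]
        try:
            ipaddress.ip_address(ip)
        except ValueError:
            continue  # malformed line; the resolver would skip it as well
        for name in names:
            entries.append((ip, name.lower()))
    return entries


def suspicious_entries(text):
    """Flag every hostname resolved to a routable address. A clean HOSTS file
    normally holds only localhost-style names, so any other name pinned to a
    real address deserves a look."""
    flagged = []
    for ip, name in parse_hosts(text):
        if ip in LOOPBACK or ip in SINKHOLE:
            continue
        flagged.append((name, ip))
    return flagged


if __name__ == "__main__":
    for name, ip in suspicious_entries(SAMPLE_HOSTS):
        print(f"WARNING: {name} is pinned to {ip}")
```

To check a live machine, read the real file (C:\Windows\System32\drivers\etc\hosts on Windows, /etc/hosts elsewhere) and pass its contents to suspicious_entries.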