Hosts File Protection
One method that could be used to fool you into visiting fake Online Banking sites is DNS Poisoning, or other related attacks.
The HOSTS file is used to store information on where to find computers on the internet - mapping the "human friendly" name to the computer's IP address.
The main functions of the HOSTS file have been taken over by the DNS system - it is not really necessary to maintain one any more - at least for the originally designed purpose.
However, the HOSTS file still works. If you write the IP address of a computer into it, your computer will still use it.
How is a HOSTS file used today?
Today, there is one common use for the hosts file - blocking advertising, dangerous or otherwise unwanted web sites. This is typically done by putting an entry for the website which points to your local machine (127.0.0.1).
e.g. 127.0.0.1 AdvertisingServer.example.org
The problem is that while the HOSTS file can be used for good (see: http://www.mvps.org/winhelp2002/hosts.htm) malicious programs can use the hosts file to either block access to legitimate sites (security sites) or alternatively, redirect traffic from legitimate sites to dangerous sites.
How does Online Armor help to protect me?
Online Armor will monitor the Hosts file for any changes and pop-up when an Unknown program attempts to modify the Hosts file, giving you a chance to Allow or Block it.
If you are installing changes to your hosts file from a trusted site such as MVPS then you should allow the changes. However, if you unexpectedly receive a popup regarding this you should be cautious. If the hosts entry ever relates to a bank or financial site such as Paypal.com - you should assume the worst and seek help.
