Pharming (pronounced "farming") is a term coined as a play on the words farming and phishing. It refers to a technical attack that redirects a legitimate website’s traffic to a fraudulent site. This can be done by changing the hosts file on a victim’s computer or by compromising a DNS server. DNS servers are like huge phonebooks that translate common site names to real addresses. The entire Internet depends on these DNS servers, and if one is compromised, the attacker can funnel traffic to any site that he or she desires. To the user, the fraudulent site looks legitimate, and it will generally attempt to get the user to disclose sensitive information such as logon credentials or other personal information, which we should know better than to submit to a vendor that we are already doing business with.
Pharming is similar to phishing in that it attempts to fool users into divulging sensitive information, but it goes one step further: it actively steers the user to these sites by manipulating DNS servers or the hosts file of a personal computer.
Sophisticated measures known as anti-pharming must be implemented to protect against these types of attacks. Antivirus and other anti-malware software provide no protection against pharming attacks. Individuals can help protect themselves by doing the following:
- Always type in the URL of the website you intend to visit instead of clicking on hyperlinks or bookmarks
- Always look at the website address to ensure it appears to be legitimate and similar to that viewed in previous site visits
- Always question why any institution that you have a relationship with would ask for your personal information (they will already have it on file!)
- Always contact the institution via telephone if you are not certain or something seems suspicious
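
Because one of the two pharming routes described above is a changed hosts file, a local check can report any hosts entry that names a site you log in to, since such an entry bypasses DNS entirely. The following is an added example, not part of the original article; the sample file, the watched domain list and the function names are constructed for illustration.

```python
import ipaddress

# Constructed sample hosts file (documentation-range IPs, .test names).
SAMPLE_HOSTS = """\
# Constructed sample, not taken from a real system
127.0.0.1      localhost
::1            localhost
203.0.113.45   www.examplebank.test examplebank.test  # unexpected entry
0.0.0.0        ads.tracker.test
198.51.100.7   login.shop.test
127.0.0.1      pay.shop.test
not-an-ip      examplebank.test
"""

def parse_hosts(text):
    """Yield (line_no, ip, hostnames) for each well-formed hosts entry."""
    for line_no, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()  # drop comments, then tokenize
        if len(fields) < 2:
            continue
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # skip lines whose first field is not an IP address
        yield line_no, ip, [h.lower().rstrip(".") for h in fields[1:]]

def find_overrides(text, watched):
    """Return (line_no, ip, hostname, kind) for entries naming a watched domain.

    Any hosts entry for a watched domain bypasses DNS, so all are reported;
    kind is "local" for loopback/unspecified targets and "remote" otherwise.
    """
    watched = [w.lower() for w in watched]
    findings = []
    for line_no, ip, names in parse_hosts(text):
        kind = "local" if ip.is_loopback or ip.is_unspecified else "remote"
        for name in names:
            # Match the watched domain itself or any subdomain of it.
            if any(name == w or name.endswith("." + w) for w in watched):
                findings.append((line_no, str(ip), name, kind))
    return findings

if __name__ == "__main__":
    # WATCHED is an assumed list of domains the user logs in to.
    WATCHED = ["examplebank.test", "shop.test"]
    for line_no, ip, name, kind in find_overrides(SAMPLE_HOSTS, WATCHED):
        print("line %d: %s -> %s (%s)" % (line_no, name, ip, kind))
```

To audit a real machine, pass the contents of its hosts file as the text argument; a clean file should produce no findings for the sites you bank or shop with.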