What is Pharming? Phishing and Farming
Pharming, a combination of the words "phishing" and "farming", and is a type of cybercrime very similar to phishing, where a website's traffic is manipulated and confidential information is stolen. Pharming exploits the foundation of how Internet browsing works — namely, that the sequence of letters that form an Internet address, such as www.google.com, have to be converted into an IP address by a DNS server in order for the connection to proceed. This exploit attacks this process in one of two ways. First, a hacker may install a virus or Trojan on a user's computer that changes the computer's hosts file to direct traffic away from its intended target, and toward a fake website instead. Second, the hacker may instead poison a DNS server, causing multiple users to inadvertently visit the fake site. The fake websites can be used to install viruses or Trojans on the user's computer, or they could be an attempt to collect personal and financial information for use in identity theft.
Pharming is an especially worrisome form of cybercrime, because in cases of DNS server poisoning, the affected user can have a completely malware-free computer and still become a victim. Even taking precautions such as manually entering in the website address or always using trusted bookmarks isn't enough, because the misdirection happens after the computer sends a connection request.
Protecting yourself from these types of scams begins with the installation of a robust anti-malware and antivirus solution, to be used in conjunction with smart computing practices like avoiding suspicious websites and never clicking on links in suspicious email messages. These steps will prevent most malware from accessing your computer and changing your hosts file.
However, that's only part of the threat, so you also have to be smart about the websites that you visit — especially those that contain your personal or financial information. If the website looks strange, the address in the address bar looks off, or the site starts asking for information that it normally doesn't, check to ensure there is a lock icon in the address bar, denoting a secure website, and click on the lock to ensure that the website has a trusted, up-to-date certificate. Those running DNS servers have some pretty sophisticated anti-pharming techniques at their disposal, but the risk of being hacked is always there, so you can only mitigate the risks through a combination of personal protection and Internet awareness.
Check the comment section for additional information, or share what you know or ask a question about this article, by clicking the 'View or Write Comment' button below.
Note: Some of the information in samples on this website may have been impersonated or spoofed.