What is pharming?
Every web site on the internet has a so-called unique IP Address; much like phone numbers, these IP Addresses identify servers across the global internet and permit the routing of traffic from one network to another. In order to simplify the process of accessing data and information across the World Wide Web, a Domain Naming System (DNS) was established for the assignment and translation of simple names, for example “www.google.com” or “bfsfcu.org” to unique IP Addresses. By manipulating domain naming entries via exploits in DNS servers, hackers attempt to redirect a web site’s traffic from the valid IP Address to an alternate site; typically faked to appear legitimate in the hopes of “phishing” for valid authentication credentials and/or personal information such as e-Mail addresses.
Pharming is a scam that often relies on infected, hacked, or otherwise compromised computers. Once a computer has been compromised, customers attempting to navigate to a legitimate bank’s Web site by a customer will be re-directed to a spoofed Web site. This can be accomplished in a number of ways. A virus or malware on a PC can re-route a customer to a spoofed Web site even when the customer has directly entered the address on their browser. Domain Name System (“DNS”) cache poisoning (altering DNS re-routing) by phishers causes customers to be re-directed by the Domain Name System. DNS addresses are text, such as www.google.com but these are translated into numeric IP addresses. Pharmers attack the translation process and redirect your computer to the scamming IP address and Web site. The sites will likely look similar and the information you enter will be sent to the scammer, not to your trusted company.
Pharmers redirect as many users as possible from the legitimate website they intend to visit and lead them to malicious ones, without the users’ knowledge or consent. A malicious site can look exactly the same as the genuine site. But when users enter their login name and password, the information is captured. Emailed viruses that rewrite local host files on individual PCs, and DNS poising have been used to conduct pharming attacks. Even if the user types the correct web address, the user can be directed to the false, malicious site.
