According to The Free Dictionary (TheFreeDictionary.com), pharming is “A method of committing fraud by redirecting the customers of a legitimate online business, such as a bank, to a website where details such as account numbers and passwords may be recorded. The website to which customers are redirected is often designed to resemble the legitimate company’s website.”

What is Pharming?

As mentioned in a previous post, Phishing persuades victims through fictitious emails to get them to visit phony sites and reveal their sensitive information. Simply put, Pharming, another method of committing fraud, is a type of phishing that does not include luring the victim to another site. Instead, by using a malicious code placed by a hacker, the system redirects the victim from the official site to a fake site that has been created. When the victim enters information into the fake site it is captured by the hacker and used for nefarious reasons. The victim, unfortunately, is not aware any of this is happening in the background.

To make matters worse, aggressive hackers use pharming and phishing together which often provides the potential for identity theft. As such, customers of banks, financial, and online payment services with any form of monetary exchange are the most highly targeted.

Two-fold Attack

Pharming attacks are two-fold. Both victims and computer systems are involved – addresses on the computer are changed to redirect the user and the victim is hoodwinked into thinking everything is safe. To make matters worse, pharming can be very difficult for malware software to detect leaving the victim further into thinking everything is okay. “Even taking precautions such as manually entering the website address or always using trusted bookmarks isn’t enough, because the misdirection happens after the computer sends a connection request.” (https://www.kaspersky.com/resource-center/definitions/pharming)

Avoidance

To avoid pharming, follow the basic computer safety guidelines in Protect Your Computer. Be especially careful when entering financial information on a website. Look for the ‘s’ in HTTPS and the key or lock symbol at the bottom of the browser. If the website looks different than when you last visited, be suspicious and don’t click unless you are absolutely certain the site is secure.

Let us know if you have additional questions.