Pharming

Pharming is another technique that a hacker or scammer uses to obtain your information to commit identity theft.


This is done by attempting to redirect you to a website that is made to look like one you usually do business with. A malicious code is put into a personal computer or a server.

This is done without consent and many times is not detectable. When a personal computer is affected this is usually done by an email that the consumer opens and the malicious code is then placed by way of a virus called a trojan horse.

This type of fraud is much more sophisticated than its "relative" phishing as YOU are not tricked into a scam. Instead it is much more of a cybercrime as the "pharmer" is in some instances changing how a server directs traffic.

This can be a fraud of a much wider scope as it can affect a group of people using a server and therefore much more dangerous.

One of the names for a type of pharming is called DNS (Domain Name Service) cache poisoning. DNS is the name of a server (usually a local one) that converts the name of a website into it's numerical version.

The internet communicates by way of numbers not letters. That is complicated for humans so we use easy to remember names for the websites we want to visit.

The DNS servers change those names into the numerical version of the website we want to visit. A DNS cache poisoning is an attack that changes how these servers communicate with other websites and instead direct the communication to where the hacker wants this traffic to go.

Another type of attack poisons the local host files. If your computer is part of that host's files then even though you type the correct address it will be redirected to whatever site the affected host file will now direct.

Spyware removal programs may be able to correct the attack on host files or those directed to a single computer, but the one that attacks a DNS server can not be corrected by spyware.

Pharming Protection

The only real protection one has is hoping the organization that holds the DNS servers that you may be using (they are local) is protecting themselves with anti pharming software. There seems to be plenty available as the web has much advertisement this way.

If you are dealing with a site that says they use VeriSign then you know they are taking anti-pharming steps. VeriSign is a server certificate authority. If you are on a site that says the certificate can not be trusted this can be a sign of a breach but it can also be the sign of a small site that can't afford the extra layer of protection of certificate authentication.

If you are buying a product from someone and it is a small time retailer then contacting them and sending an order by mail might be the absolute protection you may want to rely on rather than gambling and putting credit card information into a site that could be compromised and becoming a victim of identity theft.



Other things to do when the warning that the certificate cannot be trusted

Another possibility is that the certificate expired.

And lastly they were not signed by a trusted certificate authority.

As mentioned above this could just be an affordability issue with a small company, but these are the things to look for to protect yourself. Then you will be able to make an informed choice about how to proceed.

Another protection is the anti-phishing act which also covers pharming. This legislation proposes that those that are caught using these techniques (phishing or pharming) can be fined up to $250,000.00 and serve jail time of up to 5 years.

Pharming is a technique that could have some long range disastrous consequences, though since this technique has been discovered there have only been a few notable occurrences that were shut down fairly quickly.

This type of fraud takes quite a bit of work but as hackers become more and more savvy and experienced this may very well be the concern of future internet business.

return from pharming to credit fraud

return to credit repair resources home page