Network Solutions

What is Pharming?

Internet Security Learning Center

Helping to keep your domain name secure

Learn how to keep your registered domain names secure - including how to protect your Small Business's domain names from expiration and loss, unintended transfers, cybersquatting, and other threats to domain security.

Home  |  Internet Security Glossary  |  Site Map

Search:

Home > Domain Name Security > What is "Pharming"? And How Do You Guard Against It?

What is "Pharming"? And How Do You Guard Against It?

 

Pharming is an activity criminals use to redirect users from legitimate Web sites to fraudulent ones where confidential information such as credit card and bank account numbers are requested in order commit identity theft. The fraudulent Web sites appear to be the legitimate destination the user originally sought, and may indeed contain images and text stolen from the actual Web site.

How are criminals able to do this?

In a way it's like those scenes in countless movies where the bad guys change a road sign, steering the hero onto the wrong path. On the Internet, those road signs are numbers (IP addresses) and domain name (the address you enter in your browser, such as abc.com, xyz.org, and so on.).

Every page on the Internet is issued a unique IP address consisting of four sets of numbers between 0 and 265 separated by dots such as 205.178.187.13. These addresses represent the domain name of a specific Web page. The relationship between the IP address numbers and the domain name is maintained - and constantly updated - on computers called Domain Name Servers (DNS.)

By hacking into unprotected DNS servers, criminals are able to redirect traffic from legitimate Web pages to their own, often visually indistinguishable pages, where they request passwords, PIN numbers, account numbers, and similar information.

Most DNS servers are protected by both software and hardware tools designed to keep the pharmers out, and constantly updated against new pharming techniques.

Additionally, there are steps you should take to protect yourself against being victimized by a pharming site:

  • Look for the padlock: legitimate on-line businesses provide you with high levels of encryption (translation of your information into code) and do so within the protection of a secure connection created by an SSL Certificate and represented by a locked padlock in your browser. If the padlock is missing, or unlocked, be careful and proceed cautiously and do not enter any confidential information.
  • Look before you type: it's also essential to investigate the security certificates and seals on commercial sites; by moving your mouse over these you should see details about the levels of encryption and security the site provides, as well as information about the company itself.
  • Look out for unexpected or unsolicited requests: pharming is related to phishing, the use of legitimate-appearing e-mails to request your confidential information. Be careful and avoid responding to unexpected or unsolicited requests to visit a commercial Web page for the purpose of confirming confidential information.

The Bottom Line: Most DNS servers are carefully monitored by the companies that maintain them, with software and hardware guards against pharming attempts. But there's a personal element in protecting yourself as well: always verify that a site is legitimate, protected by high level secure connections and encryption procedures before you enter any data.