Pharming
Pharming is a more efficient and hidden variant of phishing attack. It was devised by fraudsters after users had learnt how to fight with phishing. Pharming is much harder to detect if compared to phishing. Today there is no absolute protection against it.
Pharming is an automatic redirecting of a user to a bogus site while they are trying to get to the official site of some serious organization. The thing is that the user is absolutely sure about visiting the very site he or she needs.
How does pharming work?
There are three pharming techniques:
1. DNS poisoning on a computer
2. DNS poisoning on a server
3. Web site built-in scripts
DNS is a domain name server. It converts domain names to IP site addresses in the Internet. For the site previously used by a user computer has a copy of domain name server reference results called DNS cache. It allows a user to save their time. With the help of a Trojan the cache data can be distorted by fraudsters so that when a user enters the name of a site a bogus site opens resembling the official one. Thus, when the user visits this faked site the fraudsters get their personal ID information.
The most striking thing here is that the computer will not be aware if the user became a victim of pharming. He or she will be using a site record found in the cache without knowing if the site was added to the cache by the user or a malicious program.
The Internet provider server also stores the cache of all frequently used DNA records. The thing is that this situation concerns not only one user visiting some site but thousands of them. Thus, all users of one Internet provider being visitors of the same site may be redirected to a bogus site imitating the real one. This site offers users to register themselves thus allowing fraudsters to reveal their secret data.
Sometimes swindlers try to break the site code to build a script in it to manipulate site users. This script may look like a link to a site or another browser window. This script can also be used for infecting computers when users are surfing the Internet.
How can you protect yourself from pharming?
1. Use up-to-date efficient anti-virus programs.
2. Check URL of every site requesting your personal ID information.
3. Ensure email box protection.
4. Ignore letters received from senders.
5. Ignore following the link to a site stated in an email. You should go to the site by copying the link text or using tab.
6. Save your email address. The simplest way out is to register two addresses. The permanent address you can use for the official sites and the temporary one can be used for forums and social networks.