What is pharming?

[Yancy]

Hi all,

I want to know about pharming activities on internet. And how to deal with the same.

[deveritt]

Pharming is a scamming practice in which malicious code is installed on a personal computer or server, misdirecting users to fraudulent Web sites without their knowledge or consent. Pharming has been called "phishing without a lure."

In pharming, larger numbers of computer users can be victimized because it is not necessary to target individuals one by one and no conscious action is required on the part of the victim. In one form of pharming attack, code sent in an e-mail modifies local host files on a personal computer. The host files convert URLs into the number strings that the computer uses to access Web sites. A computer with a compromised host file will go to the fake Web site even if a user types in the correct Internet address or clicks on an affected bookmark entry. Some spyware removal programs can correct the corruption, but it frequently recurs unless the user changes browsing habits.

[Trio]

Pharming is a hacker's attack aiming to redirect a website's traffic to another, bogus website. Pharming can be conducted either by changing the hosts file on a victim’s computer or by exploitation of a vulnerability in DNS server software. DNS servers are computers responsible for resolving Internet names into their real addresses.

Pharming has become of major concern to businesses hosting ecommerce and online banking websites. Antivirus software and spyware removal software cannot protect against pharming.

[johnson22]

"Pharming" is the term for when criminal hackers redirect Internet traffic from one Web site to a different, identical-looking site in order to trick you into entering your user name and password into the database on their fake site.

Anti-pharming techniques and technology are used to combat pharming.
Traditional methods for combating pharming include: Server-side software, DNS protection, and web browser add-ins such as toolbars. Server-side software is typically used by enterprises to protect their customers and employees who use internal or private web-based systems from being pharmed.
DNS protection mechansims help ensure that a specific DNS server cannot be hacked and thereby become a facilitator of pharming attacks. Spam filters typically do not provide users with protection against pharming.

[Techno01]

A particularly ominous pharming tactic is known as domain name system poisoning (DNS poisoning), in which the domain name system table in a server is modified so that someone who thinks they are accessing legitimate Web sites is actually directed toward fraudulent ones. In this method of pharming, individual personal computer host files need not be corrupted. Instead, the problem occurs in the DNS server, which handles thousands or millions of Internet users' requests for URLs. Victims end up at the bogus site without any visible indicator of a discrepancy. Spyware removal programs cannot deal with this type of pharming because nothing need be technically wrong with the end users' computers.

Once personal information such as a credit card number, bank account number, or password has been entered at a fraudulent Web site, criminals have the information and identity theft can be the end result.

A PhC web site uses a secure connection to prevent other web sites from impersonating it. PhC web sites typically use the HTTPS web protocol on their login page to allow the user to verify the web site's identity. If an attacker attempts to impersonate a PhC web site, the user will receive a message from the browser indicating that the web site's "certificate" does not match the address being visited.