Pharming? Phishing? What's the difference?
Many of us are now familiar with phishing scams. The phishers drop the bait—seemingly legitimate email from financial institutions, banks, or places we shop. The mail claims the institution has suffered a breach in security. We are asked to reply to the mail, sending our lost information. Or we're requested to click through to a fake site that mirrors the original, one where we can hand over all our personal information. The result? These criminals can steal our identities, infest our computers with annoying adware and spyware, and attack our computers with damaging viruses, worms, and Trojan horses.
But by now, hopefully, we're getting wise to phishing scams. We know not to send personal information by e-mail. We don't click through to bogus sites. We call our bank.
Pharming is sneakier. When we type legitimate URLs in our browser's address bar, pharmers hijack our computers, and reroute us to bogus sites that look identical to the ones we're trying to reach. We can't deal with pharmers the way we can with phishers. Unlike with phishing scams, we can't just refuse to answer the mail or click to a web site. Instead, by typing the name of a site we use every day—eBay, Amazon, our bank—we're taken to a fake site without even knowing it's a fake.
Still, there are ways to avoid being duped. By educating ourselves, and practicing caution, we can protect ourselves against these scam artists.
How does pharming work?
Pharming redirects Internet users from legitimate Web sites to malicious ones using a strategy called DNS cache poisoning. The pharmer covertly hijacks your computer and takes you to a copycat Web site. The site it takes you to is most commonly a page that looks identical to that of your bank, financial institution, eBay, or Amazon. From this point, they ask you to submit your vital passwords and financial information, which go straight into their databanks.
Who is at risk?
Anyone who uses the Internet and has online banking, credit card, and shopping accounts is at risk from pharming attacks.
Take these precautions
Internet service providers (ISPs) are working hard on their end to filter out pharmed sites. The main thing you can do to protect yourself on your end is to make sure the Web site is authentic. You need to use more than one method to stay ahead of the pharmers. Remember, most of these authentication methods are set up to work only on the pages where you're asked to enter your personal information.
- Use a trusted, legitimate Internet Service Provider. Rigorous security at the ISP level is your first line of defense against pharming.
- The attacker obscures the actual URL by overlaying a legitimate-looking address or by using a similarly spelled URL. Check the Web browser's address bar to make sure the spelling is correct. For example, when you type http://www.google.com, you should see that address. But the address for a pharmed site might be http://www.nsgoogle.com.
- Check the http address. When you get to the page where you're asked to enter personal information, the http should change to https. The "s" stands for secure.
- Verify the certificate of the site. It takes just a few seconds to tell if a site you land on is legitimate. On the latest version of Internet Explorer and on many other commonly available Web browsers, go to "File" in the main menu and select "Properties," or right-click your mouse anywhere on the browser screen and, from the menu that pops up, click "Properties." When the "Properties" box opens, click "Certificates," and check if the site carries a secure certificate from its legitimate owner.
- Look for a padlock or key on the bottom of your browser or your computer task bar. A locked padlock, or a key, indicates a secure, encrypted connection and an unlocked padlock, or a broken key, indicates an unsecured connection.
- Install an antivirus program from a trusted security software provider to reduce your exposure to pharming scams. Use a personal firewall to protect your data from hackers, viruses, worms, and Trojan horses.
- Download the latest security updates (or patches) for your Web browser and operating system.
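The address-bar spelling check and the http-to-https check from the list above can be automated. The sketch below is an added example, not Symantec's code; the trusted-host list, the distance threshold and the function names are assumptions. It cannot detect a poisoned DNS answer for a correctly spelled name, which is why the certificate check remains necessary.

```python
from urllib.parse import urlsplit

# Constructed allowlist (assumption): sites the user really does business with.
TRUSTED_HOSTS = {"www.google.com", "www.ebay.com", "www.amazon.com"}


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, used to spot similarly spelled hostnames."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # delete from a
                           cur[j - 1] + 1,             # insert into a
                           prev[j - 1] + (ca != cb)))  # substitute
        prev = cur
    return prev[-1]


def check_address(url: str, entering_personal_info: bool = True) -> list[str]:
    """Return warnings for the address actually shown in the browser bar."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower().rstrip(".")
    if not host:
        return ["no hostname in address"]
    warnings = []
    if host not in TRUSTED_HOSTS:
        for trusted in sorted(TRUSTED_HOSTS):
            # Simplification: treat the second-to-last label as the brand name.
            brand = trusted.split(".")[-2]
            if edit_distance(host, trusted) <= 2 or brand in host:
                warnings.append(f"{host} looks like {trusted} but is a different site")
                break
        else:
            warnings.append(f"unknown host: {host}")
    # The page's rule: pages that ask for personal information must use https.
    if entering_personal_info and parts.scheme != "https":
        warnings.append(f"personal information requested over {parts.scheme}, not https")
    return warnings


if __name__ == "__main__":
    for sample in ("http://www.nsgoogle.com", "https://www.google.com"):
        print(sample, "->", check_address(sample) or "no warnings")
```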
Pharming is a serious concern and it's on the rise. Although ISPs are doing all they can to provide filtering, you still need to exercise caution when using the Internet. Norton Internet Security from Symantec can help protect you against pharming, phishing, and other Internet threats. Also, be sure to visit ClubSymantec and Symantec Security Response regularly to get the latest Internet security information.