Sunday, October 5, 2008


The July/August issue of Gracious Times Newsletter featured Phishing (pronounced fishing) as the first Web Byte. As mentioned in that article, Pharming (pronounced farming) will be the Web Byte topic in this issue.

Pharming is a new twist to an old scam. It redirects Internet users, as many as possible, from the sites they intended to visit to bogus ones. These bogus sites usually look like the legitimate site the user intended to visit. The object of the redirection is to capture the user’s login name and password and to use this information for financial gain.

Pharming out scams phishing in that is involves a large group of users being redirected to bogus sites at the same time. This is DSN (domain system name) poisoning. The DSN translates web and email addresses ( into numerical strings known as the IP address ( for the Internet. If these strings are poisoned, the IP address associated with it will cause users to be redirected.

As previously mentioned, pharming has been around for quite sometime, but the increase in incidences is cause for concern. The popularity of Internet banking, online shopping and electronic paying of bills have created more opportunity for criminals to capture personal information (credit card and bank account information as well as login information) than previously.

The issue of concern is the user thinks he/she is at the legitimate site as the bogus site looks like the legitimate site. There is no indication on the user’s computer screen that he/she is not on the site typed in the browser and personal information is divulged which will be used by criminals. Additionally, the user’s other transactions for the legitimate site can also be redirected if the pharming works.

Experts say improved browser security to prevent address spoofing or crypto plug-in which verify the digital certificates of sites can help combat pharming. If browsers would authenticate websites’ identities — display the true physical location of a website’s host, users may not be too quick to enter their personal information into a site located out of the area of operation for businesses they are contacting.

As mentioned in the previous article, more information on this and other Web security issues can be accessed at the Federal Citizens Information Center at or call 1-888-873-3256.

The National Internet Fraud Watch

If you are interested in reading Web Bytes on a particular topic, please email your request to

Information for this article was gathered from various sources including Wired News (wirednews .com) “Pharming Out-Scams Phishing” by Michele Delio and The Register ( “Phishing Morphs into Pharming by John Leyden.

No comments: