What the heck is “pharming” and should I be worried?

The sky is falling! The sky is falling! …or perhaps not.

What is this thing called "pharming"? Put simply, it’s redirection of web traffic, so that the server you think you’re talking to actually belongs to a criminal. For example: you think you’re talking to www.examplebank.com because it says so in the browser’s address bar, but actually you’re connected to www.mafia-R-us.ru.

This can happen in three main ways:

  1. DNS Hijack: a social engineering attack on the Internet
    infrastructure. Criminals pretend to be the domain owner and have the
    bank’s name re-pointed to their servers.
  2. DNS Poisoning: as above, but a technical attack, taking advantage of possible bugs in the DNS.
  3. Malware: a virus, worm, Trojan, or piece of spyware could
    redirect traffic, usually by writing to the Hosts file, thus
    circumventing the DNS altogether.

None of these issues are new. This is unlikely to become as big a
problem as phishing. Beware of scare-mongers looking for cheap
publicity.

In future posts, we’ll discuss this in more detail, and examine why we
think this is less of a problem than some people would like you to
think.

Post a comment

You must be logged in to post a comment. To comment, first join our community.