There’s been a lot of talk lately about the difference between phishing, a very potent form of identity theft, and its close cousin pharming.

To clear up some of the confusion, let’s first focus on what “pharming” is:

Pharming is a form of Internet identity theft scam designed to trick you into handing over your personal information. It usually focuses on stealing login and password information for your bank or credit card accounts.

Instead of trying to trick you with an email (like phishing), though, pharming sets up bogus web sites and then either tricks you or forces you into visiting them.

Continue reading “How Pharming Can Lead to Identity Theft”

How Pharming Can Lead To Identity Theft

One of the most advanced pharming tactics, called “DNS poisoning,” is also one of the most complicated.

In this scam, thieves need to break into the servers that manage the DNS (Domain Name System) settings. When you type in the URL or domain name of a web site you want to visit, DNS settings are supposed to ensure that you go to the right web site.

DNS poisoning alters the DNS settings so that even when you correctly enter the URL of your bank or other legitimate web site, you still end up on a bogus website that looks like the real thing.

An even easier way to become a victim of pharming is to simply visit an infected website. If you haven’t been vigilant in downloading patches for your computer, especially patches for Microsoft products, the infected web sites can plant malicious code on your computer.

Every time you try to access a sensitive web site, like your bank’s, that malicious code instead instructs your computer and browser to go to the bogus look-alike site instead.

This can be a real nightmare if you’re not very careful about where and how you surf.

Fortunately, there are some basic precautions you can take to avoid pharming websites and prevent Internet Identity Theft.

•    Focus on Internet Identity Theft prevention and awareness. Make sure your computer security always up-to-date with your patching so that infected web sites can’t install malicious code on your computer.

•    Regularly scan your computer for any viruses, Trojans, or spyware that might have been planted there.

•    Be careful when you type the URL of a web site so that you don’t misspell it and end up on a pharming site instead.

•    Add your most commonly-used web sites, like your bank and credit card companies, to your favorites list or bookmarks in your browser. If you use those bookmarks every time you access those sites, you won’t risk mistyping the URL into your browser.

•    Be vigilant when accessing the web pages of your bank or credit card companies because they’re the prime target for pharming scams. Tell-tale signs of pharming include a page that asks for “too much information” or information the site should already know, or a site that has some design inconsistencies that just don’t look right.

•    When entering information into an online form, make sure that the page is secure. Secure signs include the letters “https” in the URL instead of just “http” -- the “s” means the site is secure and uses an SSL certificate to protect your information. Bogus or pharming web sites rarely use a digital or SSL cert and therefore will not usually display the “s.”

•    Similarly, a secure web page should also have the lock symbol in the browser, usually in the bottom of the browser window. A pharming page rarely includes the lock symbol.