what is pharming

A new scam that is being increasingly seen is called pharming. Unlike a phishing attack, victims of this scam do not need to click a link or attachment. Instead, they are automatically redirected to fraudulent websites.

The pharming scam corrupts a basic service of the internet known as the Domain Name Service (DNS). This service translates a human-friendly Uniform Resource Locator (URL) name, such as www.alecu.org, into an Internet Protocol (IP) address. An IP address is a unique number that has been assigned to each web server on the Internet. Each machine connected to the internet knows the location of one or more DNS servers, which contain a database of domain names and their corresponding IP addresses.

When a user types a web address into their browser, the DNS server translates the domain name into the corresponding IP address and directs the user to the correct website. Pharming attacks corrupt this process by redirecting users to fraudulent websites, allowing scammers to steal sensitive information such as usernames, passwords, and credit card details.

Pharmers must gain access to the DNS server. Next, they replace the IP number for the financial institution's URL with the IP number of their fraudulent website. When this occurs, any person using that DNS server will be secretly redirected to the fake website.

Pharming requires either an unpatched software/server vulnerability to exist on the DNS server itself, or the criminal needs an insider at the Internet Service Provider (ISP) or financial institution to make unauthorized DNS server changes.

ALEC takes steps to ensure its members' security and personal information. We regularly manage and update our DNS server's software. This helps maintain an extremely high level of security. Discover more information about the measures taken by ALEC to ensure your security.

Additionally, you can read our article, advice for maintaining computer security, for helpful advice on precautions you can take to protect yourself.