Who are the victims?

People with social media pages, bank accounts, and any financial information online is at risk.

How does pharming happen?

There are two types of pharming.

One type is a process which installs malware on the computers of internet users who simply open a fraudulent email claiming to be sent by the person’s financial institution. The malware then installs codes which direct users to fake financial institution websites where they are tricked into entering their personal information which is then stolen and saved into a database. This is different than phishing since victims are not required to fill out a form sent via email or instant messaging.

The second is a process of a more malicious nature called DNS poisoning.   In this process, DNS (Domain Name System) servers are hijacked by hackers and made to direct internet users to a fake financial institution website. Pharming websites can also install a type of spyware called keyloggers, which track the keystrokes of users and lead to more personal information being stolen. This type is more malicious because the process does not require users to open any emails.       

How can we prevent pharming?

• Be aware of the appearance of your bank’s real website.  Fake pharming websites often look similar to authentic websites but not identical.

• Keep antivirus and antispyware programs up to date and scan your computer regularly.  This can help remove malicious codes and keylogger software.

• Look for the VeriSign logo when entering important information on a web page.

Recent pharming attack

http://news.techworld.com/security/3505049/criminals-hack-300000-home-routers-as-part-of-mystery-pharming-attack/

Examples of pharming scams

fake websites

real website with pop-ups

TheHeartbleed Bug

Where to report pharming

Consumer Fraud Reporting

http://www.consumerfraudreporting.org/pharming.ph

StopFraud

http://www.stopfraud.gov/protect-identity.html