Setting up a fraudulent Web site that contains copies of pages from a legitimate Web site in order to capture confidential information from users. By hacking into DNS servers and changing IP addresses (see DNS hijacking), users are automatically redirected to the bogus site, at least for some period of time until the DNS records can be restored.
For example, if a bank's DNS were changed, users could be redirected to a Web site that looks familiar. The bogus site could just collect usernames and passwords, or it could allow access to the site and, using some pretense, request financial information. Unlike phishing schemes that use e-mail to make people go to the phony site, pharming is more natural. Users are going to the site on their own and are certainly not suspicious because the pages look familiar. See phishing and DNS hijacking.
For example, if a bank's DNS were changed, users could be redirected to a Web site that looks familiar. The bogus site could just collect usernames and passwords, or it could allow access to the site and, using some pretense, request financial information. Unlike phishing schemes that use e-mail to make people go to the phony site, pharming is more natural. Users are going to the site on their own and are certainly not suspicious because the pages look familiar. See phishing and DNS hijacking.
 | Reproduced with permission from Computer Desktop Encyclopedia. Copyright (c) 1981-2008 The Computer Language Company Inc. All rights reserved. |
Additional Resources
- Does TraceMonkey kick Firefox into turbo mode?
- Does TraceMonkey kick Firefox into turbo mode?Wow, we are breaking down the barriers to web application adoption for allof our every day applications. The speed here will be so close to natively compiled code that it will not matter any more. But, we still need some kind of a sandboxed...
- Discussion threads 2008-08-26
- DNS cache poisoning attacks exploited in the wild
- UPDATE: Arbor Networks have provided more details in their "30 Days of DNS Attack Activity" analysis, SANS confirmed HD Moore's statement on DNS cache poisoned AT&T DNS servers. Numerous independent sources are starting to see evidence of DNS cache poisoning attempts on their local networks, in what appears to be...
- Blog posts 2008-07-29
- Protect Your Organization and Customers From a Wide Variety of Online Attacks Using Symantec Online Fraud Protection
- This webcast explains how Symantec Online Fraud Protection protects such organizations and their customers from losses that can result from online fraud. It helps protect against the threats of identity theft, phishing, pharming, and other varieties of online fraud to preserve the organization's brand, improve customer loyalty, minimize losses, and...
- Webcasts 2008-05-21
- Panda Internet Security 2008 (exe)
- The new Panda Internet Security 2008 is a complete solution that protects your PC against identity theft and attempts to steal your bank details. It also includes protection against viruses, spyware, hackers and other Internet threats. It doubles your PC security with TruPrevent Technologies, protecting against unknown viruses and intruders.Panda...
- Software downloads 2008-02-20
- Getting hooked: Phishing, pharming and online threats
- Sponsored: There's no shortage of malicious code on the Internet. Agent Peterson of the Geek Squad offers some tips on how to protect yourself from viruses and spyware. The content for this video was sponsored and provided by Geek Squad.
- Whiteboards 2007-11-15
- Information security by the numbers: It's not pretty
- A pair of security surveys were released Tuesday and the findings aren't pretty. First up, the Computing Technology Industry Association CompTIA released a survey on information security breaches. Among the findings: Among companies that reported a security breach in the last year, the...
- Blog posts 2007-09-18
- Unified Threat Management Appliances and Identity-Based Security: The Next Level in Network Security
- Enterprises, regardless of size, are increasingly realizing that their computer systems are vulnerable to as many security threats from within the company as from without. These insider threats lead to security loopholes created out of user ignorance and malicious intent with unauthorized access, leading to loss of data confidentiality, bandwidth...
- White papers 2007-09-01
- Catbird secures virtualized environments
- A short while ago, I had a wonderful conversation with Edmundo Costa, CEO, and Tamra Newberger, VP of marketing, of Catbird , about a new product they were launching. Since I've spoken with them many times in the past when they were associated with Tarantella and the Santa Cruz Operation,...
- Blog posts 2007-07-05
- Remote vulnerability in high-profile Firefox extensions
- Today is Firefox Patch Day but even after you install the latest security updates from Mozilla, those browser extensions you use and love could put you at risk of code execution attacks.According to independent researcher Christopher Soghoian of boarding pass hacker fame, there's a remote vulnerability in the upgrade mechanism...
- Blog posts 2007-05-30
- I've got two free 'ID Vaults' for the members of ZDNet's audience who....
- Two Friday's ago, I announced ZDNet's Deputy Tester of the Week program. The following Monday, in search of our first deputy testers, I offered three free copies of PPTMinimizer 3.0 to the members of ZDNet's audience who needed a utility like that for compressing PowerPoint files into more manageable...
- Blog posts 2007-05-29
- Compliance: The Gramm-Leach-Bliley Act of 1999
- The Gramm-Leach-Bliley Act GLBA, also known as the Financial Services Modernization Act of 1999, was enacted in part to protect consumers' private financial information. It allows consumers to control the use of their private information and to secure and protect that information from unauthorized use or access. With identity theft,...
- White papers 2007-04-17
- Identity Protection Services: Security Solutions for Financial Institutions
- Perimeter offers an industry leading suite of identity protection services that include anti-phishing and pharming services to protect the most valuable asset to any financial institution - its customers.
- White papers 2007-03-01
- Cisco confirms router 'pharming' exploits
- The router hijack exploit scenario detailed by researchers at Symantec may affect Cisco routers that are marketed for the Small Office/Home Office SOHO, Remote Office/Branch Office ROBO and teleworker business segments, according to a notice from Cisco's incident response team.The background: Symantec's paper PDF. Coverage by Joris Evers and Brian...
- Blog posts 2007-02-16
- Top Ten Threats for 2007
- Top Ten Threats for 2007RE:Top Ten Threats for 2007I would include...Privacy, Proxy caching, Ajax valnarabilities, Securing RSS feedsTop threat for 2K7... (dramatic pause...)[b]AT&T[/b]The recent FCC approval allowing AT&T to assimilate BellSouth brings the reality of Mutha Bell being handed control of the Internet one step closer, with the government being...
- Discussion threads 2006-12-27
- Drive-By Pharming
- Inexpensive broadband routers are a popular way for people to create an internal, and sometimes wireless, network in their homes. By purchasing such a router and plugging it in, they can have a network set up in seconds. Unfortunately, by visiting a malicious web page, a person can inadvertently open...
- White papers 2006-12-13
- Phishing and Pharming
- Organizations face a complex challenge in securing their computing environment. Organizations and their employees are increasingly targeted in phishing attacks designed to steal proprietary company data and distribute malicious code. New pharming incidents also present increasing challenges that IT needs to address. This paper describes phishing and pharming and...
- White papers 2006-12-08
- Dr.Web Antivirus plus Antispam (exe)
- Download a compact and fast anti-virus solution for PC. Dr.WEB is not just an Anti-virus product, It has the ability to go beyond other products on the market by being able to detect, cure and or delete malicious programs such as, but not limited too: Mass-mailing worms, E-mail viruses, File...
- Software downloads 2006-11-16
- Anonymizer Anonymous Surfing (exe)
- Anonymous Surfing hides your IP address, protecting your privacy and securing your identity by staying one step ahead of online predators. Online snoops are unable to track the sites you visit and build profiles on your Internet activities. Anonymizer's Anonymous Surfing protects you and your family from identity theft, keeps...
- Software downloads 2006-10-24
- Norton AntiVirus 2007
- Norton AntiVirus is back. With the release of Norton AntiVirus 2007, Symantec has both slimmed down the product and deepened its defenses by rewriting much of the code, making the 2007 version a valuable upgrade for existing users and worth a second look from new users and previously dissatisfied Norton...
- Product reviews 2006-09-26
- MyIdnWebShield (msi)
- IdnWebShield, the first security software which combines seven technologies completely focusing on phishing & pharming protection. IdnWebShield is a security tool that provides full protection against all phishing and pharming attacks. IdnWebShield is already pre-configured for full protection mode, easy-to-install, and easy-to-use it works automatically in the background for anybody...
- Software downloads 2006-09-05
Neighboring Terms
Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors
-
-
Tasty Baking’s new LEED factory
0:57
Tasty Baking CIO: Brendan O’Malley
-
Balancing act: innovation vs. reliability
1:28
Facebook VP of technical operations: Jonathan Heiliger
-
Securing data at E-Loan
1:47
E-Loan CIO: Jay Shah
-
When crops are scarce
1:47
Del Monte Foods CIO: Marc Brown
- View all CIO Vision Series Videos »
