Tech Term Tuesday, Issue 12

What is Pharming?

Pharming is a hacker’s attack aiming to redirect a website’s traffic to another, bogus website without the web site user’s knowledge or consent. Most times this is possible by exploiting a weakness in a web site’s domain name system. The aim of pharming is primarily to attempt to obtain a user’s personal information. Therefore it is not uncommon for users who reach these bogus websites to be presented with pages that ask for their credit card or bank account information.

Pharming is almost closely associated with another term, phishing, which involves the receipt of an e-mail message that appears to come from a legitimate source but attempts to also obtain personal information.

Pharming is explained in more detail in the video below:

Any Examples of Past Pharming Attempts?

In the past there have been many pharming attempts:

  • In January 2005, the Domain Name for a large New York ISP, Panix, was hijacked to point users to a site in Australia.
  • In 2004 a German teenager hijacked the eBay.de Domain Name.
  • Hushmail, a provider of secure email services, was also attacked with pharming in April 2005 when it compromised to redirect users to a defaced webpage.

Any Interesting Facts?

  • Drive-by pharming is another term derived from pharming where a hacker can drive hijack an unsecure home wireless router and change its default DNS settings to point to a rogue website.