Just when you finally figured out how to deal with viruses, worms, spam and phishing, along comes pharming. Pharming is like phishing on steroids. A pharming attack maliciously redirects a web browser to a spoof site that harvests personal information. Banking sites are top targets. "It's less of a visible threat, because there is no e-mail. It operates behind the scenes," says Scott Chasin, chief technology officer with Denver-based e-mail security company MX Logic. Unlike phishing, pharming has no social engineering lure. That makes it a more dangerous and stealthy method of attack.
Chasin cites several ways pharming can take place. DNS-cache poisoning, which exploits faults in DNS servers, and malware are the main vehicles that have been identified so far. And a Trojan was identified earlier this year that targeted several major banks.
Pharming attacks can be completely transparent to the unsuspecting internet user. "Pharming, from a threat perspective, has the potential to rival that of phishing," says Chasin. "We're dealing with sophisticated attackers, with very organized criminal enterprises."
There isn't much end users can do to protect themselves other than be aware of the problem. Netcraft offers an anti-phishing toolbar that also works for pharming, alerting users to the geographic location of the site they're accessing. You'll know something is wrong if your U.S. bank suddenly seems to be hosted in Russia.
Chasin says it will take industrywide cooperation and efforts to come up with solutions and better authentication schemes. In the meantime, entrepreneurs should keep an eye out for news on the latest pharming attacks and keep their guard up, especially when accessing financial sites.
For reprints and licensing questions, click here.