Index Ask! Random

Question: What is Pharming? How Is It Different From Phishing?

Doug,

I've been hearing about pharming lately, and was wondering what it is. Is it different from phishing?

Thanks

Answer

Pharming is a specific kind of phishing scam. If you don't know what phishing is, it's basically any kind of scam in which the scam artist goes "fishing" (phishing) for your personal data. That might be a credit card number, a bank account number, or even just login information. Often they'll send you emails which look like they come from your credit card company, and there's a link in the email that looks like it's a link to your credit card company's website. Actually, it's a fake website, and if you enter any information on it, you've given your personal data to the scammer.

Pharming is like that, but it's a little more treacherous. The pharmer sends you an email or file containing a script which runs on your computer and modifies your HOSTS file. The HOSTS file is an interesting little file; its purpose is to allow your web browser to automatically redirect one domain to another. If the HOSTS file is modified to redirect your bank website or credit card website to the scammer's website, then then next time you visit your bank's website, your web browser redirects you to the scammer website, and you never know the difference!

Wondering where your HOSTS file is? Well, if you've got a Windows machine, browse to the Windows directory, then to the System32 directory. Inside the System32 directory there's a Drivers directory, and inside an ETC directory. So the complete path (assuming your Windows system is installed on the C drive) is c:WindowsSystem32DriversEtcHosts.

Note that the Hosts file has no extension at all. When you double click it, you'll be prompted for a file to "open it with". Select Notepad, or Wordpad, or some wordprocessor.

Bookmark and Share