Though we’ve recently covered a few scams about phishing and e-mail, some swindlers have graduated from targeting victims one-by-one to a large-scale scam called pharming. Pharming can reel in potentially millions of unwitting victims to their schemes without anyone realizing it.
Pharmers divert as many users as they can from legitimate commercial sites to malicious ones. These sites look exactly like the genuine site, but when users sign in with their log-in names and their passwords, this information is taken by criminals. Once they have these, they can access your account information and take credit and bank account numbers for their own nefarious use. Pharming are often targeted o auction and banking sites where financial rewards are great.
The most alarming pharming threat involves something called DNS poisoning. All the hosts in the internet are identified by numbered strings called IP addresses, and computers identify different sites using these. Because it’s difficult to remember a string of 32 numbers, the Domain Name System or DNS translates these addresses to a string of text that will serve as its directory entry. A DNS directory gets poisoned when it’s altered to hold false information leading to the bogus site. Typing in the site URL serves as no guarantee, because you will still be taken to the fake site. Even savvy net users can be caught by this technique.
Site users can protect themselves by logging onto their sites using a secure (https://) connection. If you’re suspicious, you can also check your commercial site’s security certificates to see if they are real. Some sites like yahoo offer various authentication methods such as personalized seals on their mail service page, so you can identify the real site from the fake ones.