- How do identity thieves try to get my information?
- What are some warning signs of fraudulent requests for information?
- What is pharming?
Consider these questions as you review the examples below. Try the quiz from the left menu: What Have You Learned? after you’ve spent some time with this section.
Pharming is a method of identity fraud that takes over a legitimate website or server in order to scam innocent people out of their money. A hacker changes the settings of a server so that when you enter the address of a legitimate website, it redirects you to a fake or a copy of the original site hosted somewhere else. Any data entered on this fake site is then stored on the server of this hacker. The diagram below details how a typical pharming set-up might work. Click on the image to see a larger version, then use your browser’s back button to return to this page.
Image from palisade.plynt.com
By taking over your computer or a company’s server, pharmers redirect web addresses to phony, but realistic looking, web sites. Even if you type in the correct address, including “http”, you will still be sent to a fake site. This is especially common with banking and e-commerce sites, where users submit financial information.
- Pharming is mostly targeted at companies’ websites and not individual users. While legitimate companies try to prevent this by installing defensive software and monitoring their web traffic, there are some things you can do to help protect yourself against pharming.
- Always check that the website has security certificates and that the web address starts with http://
- Read our sections on safety: Wireless Safety and Firewalls and Anti-viruses.
- Many sites requiring secure information are now created such that a browsers will warn you if you are re-directed to another site. Always pay attention to these warnings.
- It is still wise to check your bank and credit card statements regularly and report any suspicious charges.