The art of “pharming” involves setting up an illegitimate website that is identical with its legitimate prototype, and redirecting traffic to it. 

“Pharmers” can do it in the following ways: 

1.     By altering the “Hosts” file on your computer. The Hosts file stores the IP address of websites you have been accessing. By inserting a new IP address into the database field corresponding to a website, your own computer can be redirected to the pharmer’s website. Any information you give the bogus site is immediately hijacked by the pharmer. 

2.     Hijacking the DNS (Dynamic Name Server) itself. A DNS matches the names of address with their IP addresses. If this server can be coerced into assigning new IP addresses to traditional names, all computers using the name resolution provided by the DNS server will be redirected to the hijacker’s web site. 

3.     Setting up a bogus web site identical in design and content to the original web site. The bogus web site will have almost identical name also, may be one letter difference here and there so that our eye tricks ourselves that the bogus website itself is the original web site. The link is sent by email but cloaking the link so that it appears as the link to original web site but leads to bogus web site. 

Once that happens, it’s time to be fleeced. 

DOWN ON THE PHARM 

“Pharmers” hijack your “hosts” file or DNS servers using Spyware, Adware, Viruses or Trojans. One of the most dangerous things you can do is to run your computer without some form of Internet Security installed on it. 

Your security software should be continually updating its virus definitions, and be capable of warning you if something has been downloaded from a web site or through email. It should be able to remove it, “quarantine it”, or tell you where it is so that you can remove it by hand. 

You should also have Spyware and Adware programs installed, and be aware of any change in Internet browsing patterns. If your home page suddenly changes, or you experience advertising pop ups (which may pop up even when you are not hooked up to the Internet), you should run a Virus, Spyware or Adware scan. 

Thanks to the efficacy of these protection programs, pharming is a lot more difficult than it used to be. It isn’t as easy to hijack a computer as it once was. 

So, the “pharmers” have teamed up with the “phisher men” to get you to visit the bogus web page yourself, and enter all the information they need. 

PHISHING TO CATCH YOU ON THE PHARM 

By combining the two techniques, the phisher men/pharmers had avoided the high-tech problems associated with downloading a Virus that could get past his protection software. They had gone straight for the throat. 

YOUR ONLY REAL IDENTITY THEFT PREVENTION AND PROTECTION 

The only real protection against the pharmers and phisher men is YOU. There are three things you must consider when you read any email demanding information: 

Ø  Be extremely skeptical when they say they have to “update their records”, “comply with federal regulations”, or prevent fraud. They are the ones initiating the fraud. 

Ø  If the original company needs an update, it will mail you and ask you to update at the web site itself, and not provide a link.  

Ø  Check the URL. If it is a series of subdomains some of which have the name of the bonafide company, most likely the subdomain is set up with a free hosting company. 

Ø  Have they provided partial information about you as a guarantee that the email authentically comes from the legitimate source? Be very careful of this one. This technique is effective for “pretexting”, impersonating a person or company. Just because they know your first and last name (and any other information – known only to the legitimate source) doesn’t mean the email is legitimate. They probably hijacked the information off the server. 

THE BOTTOM LINE 

The bottom line is: don’t provide any information at the behest of an email, no matter how authentic it looks, or how authentic the page it directs you to looks. If you must log in, do so at the parent site itself. 

Your Identity Theft prevention and protection is, in the final analysis, up to you. 

Don’t be the next sheep fleeced by the pharmers who caught you with the phisher man’s hook. Being dropped naked into their frying pan is NOT a fate you want.