Don't you mean farming?
Pharming, a recently coined term, refers to a
hacker's attempts to redirect traffic from a particular
website to another similar, but bogus, website. These
hackers try to steal individuals' personal information
by mimicking a site that requests sensitive data, such
as an online bank. This fake website displays an actual
domain in the browser's address bar, implying that the
users are actually where they think they are. The fake
websites also duplicate the look and feel of the real
website so closely that users often don't know the
difference. These sites, similar to phishing e-mails,
can lead to other scams and even identity theft. Many
phishing e-mails are now easily recognizable, but that's
just kid stuff in comparison to how easily pharming sites
can fool users.
Think of these false sites as celebrity impersonators--they're
not as good as the original, and taking a little bit closer look
at these "impersonating" pages will tell you whether
they're the real deal or not.
How can I spot the impersonator?
Take these simple precautions to prevent yourself from becoming a
victim of pharming:
Before clicking on a link in a browser window, place your mouse
over the link and check the link's address that's displayed in
the bar at the bottom left of the window. Make sure that the
link address shown matches the one indicated on the page. If
the destination listed is not what you're expecting, do not
click on the link because it may be a scam. Instead, report this
site as a possible pharming site. There are two places you should
- Alert the real site that is being mimicked
-- Most of the time, the real sites do not know their
sites are being mimicked
- Alert the United States Computer Emergency Readiness
-- Send the web address of the suspected site and a brief
explanation of why you think it's a pharming site to
If you encounter a site that appears to be
mimicking a UR site, contact UR Information Security at
Check the website's certificate. If a hacker attempts to
mimic a secure site, you will receive a message automatically
from the browser that the website's certificate doees not
match the address being visited. If you receive one of these
messages, do not
click "Yes" because it may be a pharming site.
This is what one of these browser messages may look like:
Check your web browser security
Use only secure websites when entering personal information.
These sites are denoted by the presence of a yellow lock icon
or with a URL that begins with https:
If you have your own home broadband router (ex: Linksys,
D-Link, NETGEAR), be sure that you have changed the
default password that came with the router to your own
unique, strong password. If you have not changed it,
hackers can easily guess the default since most home
routers come with uniform default passwords.
For more information