pharming.org

\n\n\n\n"); } --!>

pharming.org

What is pharming? | Solutions | News Pharming Conscious (PhC) Site List | Tell A Friend | Inform Your Websites Guidelines for Websites | Resources | FAQ | Sponsorship | About this page

Advisory: Watch out for "drive-by-pharming" attacks! (News article, Full Paper). Please be sure to change your default password on your home router to prevent yourself from being pharmed!
What is pharming?
Pharming is an attack in which a user can be fooled into entering sensitive data such as a password or credit card number into a malicious web site that impersonates a legitimate web site. It is different than phishing in that the attacker does not have to rely on having the user click a link in an email to deceive the user-- even if the user correctly enters a URL (web address) into a browser's address bar, the attacker can still redirect the user to a malicous web site.
The threat due to pharming is not new, and has been known to security experts under the more technical term DNS cache poisoning. However, due to the increasing use of the Internet to conduct financial transactions, criminals are now using DNS cache poisioning for profit. The name pharming was coined after a significant DNS cache poisoning attack in March 2005 due to its loose similarity to phishing attacks that were common at the time.
How can you protect yourself?
Only use pharming-conscious or (PhC) web sites. A PhC web site uses a secure connection to prevent other web sites from impersonating it. PhC web sites typically use the HTTPS web protocol on their login page to allow the user to verify the web site's identity. If an attacker attempts to impersonate a PhC web site, the user will receive a message from the browser indicating that the web site's "certificate" does not match the address being visited. (Click here to see what an example of this message looks like. Users should NEVER click Yes in response to such a window, otherwise they might get duped by a pharming attack.)
Radio Interview
Click here to listen to a MP3 clip of a radio interview about pharming.
Link to www.pharming.org
Help us spread the word about pharming and DNS cache poisoing threats-- have your website link to http://www.pharming.org

Legal Disclaimer - Copyright (C) 2006 pharming.org.
This is a service free to end-users provided by Daswani Enterprises. Learn more about security.

	pharming.org What is pharming? \| Solutions \| News Pharming Conscious (PhC) Site List \| Tell A Friend \| Inform Your Websites Guidelines for Websites \| Resources \| FAQ \| Sponsorship \| About this page
Advisory: Watch out for "drive-by-pharming" attacks! (News article, Full Paper). Please be sure to change your default password on your home router to prevent yourself from being pharmed! What is pharming? Pharming is an attack in which a user can be fooled into entering sensitive data such as a password or credit card number into a malicious web site that impersonates a legitimate web site. It is different than phishing in that the attacker does not have to rely on having the user click a link in an email to deceive the user-- even if the user correctly enters a URL (web address) into a browser's address bar, the attacker can still redirect the user to a malicous web site. The threat due to pharming is not new, and has been known to security experts under the more technical term DNS cache poisoning. However, due to the increasing use of the Internet to conduct financial transactions, criminals are now using DNS cache poisioning for profit. The name pharming was coined after a significant DNS cache poisoning attack in March 2005 due to its loose similarity to phishing attacks that were common at the time. How can you protect yourself? Only use pharming-conscious or (PhC) web sites. A PhC web site uses a secure connection to prevent other web sites from impersonating it. PhC web sites typically use the HTTPS web protocol on their login page to allow the user to verify the web site's identity. If an attacker attempts to impersonate a PhC web site, the user will receive a message from the browser indicating that the web site's "certificate" does not match the address being visited. (Click here to see what an example of this message looks like. Users should NEVER click Yes in response to such a window, otherwise they might get duped by a pharming attack.) Radio Interview Click here to listen to a MP3 clip of a radio interview about pharming. Link to www.pharming.org Help us spread the word about pharming and DNS cache poisoing threats-- have your website link to http://www.pharming.org
Legal Disclaimer - Copyright (C) 2006 pharming.org. This is a service free to end-users provided by Daswani Enterprises. Learn more about security.