Protecting Yourself from Pharmers

As if “phishing” weren't bad enough, now we find ourselves dealing with “pharming.” Pharming has become a prevalent online scam and has been causing headaches for Internet users all over the world.

Also known as DNS poisoning or spoofing, pharming occurs when users are typing a legitimate website address into the address bar of their computer, but a virus redirects them to an imposter site. These imposter sites may look and seem like the real thing, but they are not.

These false sites entice users to enter personal information, such as credit card numbers, passwords and Social Security numbers, in an attempt to steal their identity. Unfortunately, this scam is likely to be the most effective identity theft method yet, because Internet users are in the driver's seat—they are just unaware that they've been taken down the wrong path.

Here are a few tips that will help you protect yourself from pharming:

  • Double check the website on your computer screen to make sure that it is the address you intended to reach.
  • Be cautious about what programs you run on your computer. Programs such as word processing and email cannot be set to update themselves with security “patches” on their own. Also, downloading games, music and other software can be infectious.
  • Make sure that the entered web address starts with HTTPS, not just HTTP. HTTPS indicates that the site is secure.
  • And very importantly, install and update your anti-virus and anti-spyware software. Hackers are able to gain access to your information by a wide variety of viruses. Keeping your anti-virus software updated can help avoid pharming, as well as other hacking attempts.

For businesses, protecting your company's data is especially critical. Probably the most important things you can do to protect company information lie in being defensive and controlling access. For instance:

  • Establish and use strong password protection policies (e.g., make sure everyone with access to your company's computers uses a password, changes it on a regular basis, etc.)
  • Do not click on links to websites directly from email messages.
  • Encode vital data and files and use a protective "firewall" that will keep an eye on outgoing information.
  • Establish rules for employees that specify the programs they can and cannot use on their computers.

Quick Links