Redirecting users from legitimate Web sites they are trying to visit to fraudulent Web sites
Pharming attacks redirect users from legitimate Web sites they are trying to visit to fraudulent Web sites. These fraudulent Web sites look similar to the real sites, but when users enter personal information on the site, such as their name, password, credit card number, etc., the information is captured by the attacker. The attacker can then use this information for identity theft or data theft.
One method of pharming is DNS (Domain Name System) poisoning. The DNS is like a telephone directory for the Internet that translates domain names, such as www.google.com, to numerical strings called IP addresses, such as 184.108.40.206. An attacker poisons a DNS server by putting false information into it, so that legitimate domain names are translated to IP addresses that correspond to the attacker’s fraudulent Web sites.
Pharming is similar to phishing in that they are both attempts to capture information from unsuspecting users on fraudulent Web sites. However, pharming is different in that it does not require victims to click on fraudulent links in emails. Pharming is much harder to detect, since it is very difficult for a victim of pharming to detect that an attack has been attempted. Pharming also allows an attacker to reach a large number of victims at once.
View the list of Local Resources that can assist Internet users in South Africa.