Pharming

Definitions

Pharming (also calling warkitting) is

“

[a] method used by phishers to deceive users into believing that they are communicating with a legitimate Web site. Pharming uses a variety of technical methods to redirect a user to a fraudulent or spoofed Web site when the user types a legitimate Web address.[1]

”

“

where Domain Name System (DNS) servers or users' host files are compromised to redirect users to a malicious site in place of the legitimate site.[2]

”

How it works

A hacker will redirect a user to a fraudulent or spoofed website when the user types in a legitimate URL. Software vulnerabilities may be exploited or malware employed to redirect the user to a fraudulent website when the user types in a legitimate address. The computer user sees the intended website’s address in the browser’s address line, but instead, he or she actually is connected to the hacker’s site and may unknowingly be pursuaded to provide personally identifiable information to the hacker.

References

1. GAO, Defense Department Cyber Efforts: DOD Faces Challenges In Its Cyber Activities 15 (GAO-11-75) (July 2011) (full-text).
2. NIST Special Publication 800-44, at ES-2.