Anti-pharming

Anti-pharming techniques and technology are used to combat pharming. Traditional methods for combating pharming include server-side software, DNS protection, and web browser add-ins such as toolbars. Server-side software is typically used by enterprises to protect their customers and employees who use internal or private web-based systems from being pharmed and phished, while browser add-ins allow individual users to protect themselves from phishing. DNS protection mechanisms help ensure that a specific DNS server cannot be hacked and thereby become a facilitator of pharming attacks. Spam filters typically do not provide users with protection against pharming.

Currently the most efficient way to prevent pharming is for end users to make sure they are using secure web connections (HTTPS) to access privacy-sensitive sites such as those for banking or taxes, and to accept only valid public key certificates issued by trusted sources. A certificate from an unknown organisation or an expired certificate should not be accepted for crucial business. So-called active cookies provide a server-side detection tool.

Legislation also plays an essential role in anti-pharming. In March 2005, U.S. Senator Patrick Leahy (D-VT) introduced the Anti-Phishing Act of 2005, a bill that proposes a five-year prison sentence and/or fine for individuals who execute phishing attacks and use information garnered through online fraud such as phishing and pharming to commit crimes such as identity theft.

For home users of consumer-grade routers and wireless access points, perhaps the single most effective defense is to change the password on the router to something other than the default, replacing it with a password that is not susceptible to a dictionary attack.
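
The certificate rule above can be made concrete with Python's standard `ssl` module. The following is an added example, not part of the original article: it contrasts a client context that enforces validation with one that has it switched off, and explains why a certificate would be rejected. The host names, the sample certificate and the helper names are constructed for illustration.

```python
import ssl

def strict_context():
    """Default client context: trusted issuer, validity dates and host name are enforced."""
    return ssl.create_default_context()

def weakened_context():
    """The setting to avoid: the handshake succeeds whatever certificate the server shows."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False      # has to be cleared before CERT_NONE is allowed
    ctx.verify_mode = ssl.CERT_NONE
    return ctx

def enforces_validation(ctx):
    return ctx.verify_mode == ssl.CERT_REQUIRED and ctx.check_hostname

def _name_matches(pattern, host):
    pattern, host = pattern.lower(), host.lower()
    if pattern.startswith("*."):
        # A wildcard covers exactly one leftmost label.
        return "." in host and host.split(".", 1)[1] == pattern[2:]
    return pattern == host

def cert_problems(cert, host, now):
    """List reasons a certificate dict (SSLSocket.getpeercert() shape) is unacceptable."""
    problems = []
    if now < ssl.cert_time_to_seconds(cert["notBefore"]):
        problems.append("not yet valid")
    if now > ssl.cert_time_to_seconds(cert["notAfter"]):
        problems.append("expired")
    names = [v for k, v in cert.get("subjectAltName", ()) if k == "DNS"]
    if not any(_name_matches(n, host) for n in names):
        problems.append("name mismatch")
    return problems

# Constructed sample in getpeercert() format; bank.example is a placeholder host.
SAMPLE_CERT = {
    "notBefore": "Jan  1 00:00:00 2023 GMT",
    "notAfter": "Jan  1 00:00:00 2024 GMT",
    "subjectAltName": (("DNS", "bank.example"), ("DNS", "*.bank.example")),
}
IN_WINDOW = ssl.cert_time_to_seconds("Jun  1 00:00:00 2023 GMT")
AFTER_EXPIRY = ssl.cert_time_to_seconds("Jun  1 00:00:00 2024 GMT")

if __name__ == "__main__":
    print(enforces_validation(strict_context()), enforces_validation(weakened_context()))
    print(cert_problems(SAMPLE_CERT, "bank.example", AFTER_EXPIRY))
    print(cert_problems(SAMPLE_CERT, "bank.example.lookalike.test", IN_WINDOW))
```

In a real connection the strict context performs these checks, plus the issuer chain check against the system trust store, during the TLS handshake; `cert_problems` only spells out the date and name checks so the rejection reason is visible.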


See also

* Pharming
* Phishing

