Pharming

Pharming is the next generation of phishing. It’s a more sophisticated way for thieves to fraudulently obtain personal financial information while you’re online. Where phishing works on one person at a time, pharming grabs large groups of victims at once.

Pharming uses DNS address poisoning, which tricks your computer about where the data is coming from. DNS addresses are text-strings – like towerfcu.org. Your browser translates text-strings into an IP address – like 212.345.678.900. Pharming corrupts this translation, and gives no indication on your computer that anything is wrong. You think you’re on your credit union’s website, but the attack redirects all of your activity – online banking, passwords – to the thief’s computer.

 

How do I know if I’m being pharmed?

Secure sites such as towerfcu.org have what are called Secure SSL Certificates; usually indicated by a lock at the bottom of your screen. Pharmers sometimes use certificates that don’t match the name of the site you’re attempting to access. Be alert for warnings on your computer like “the name on the security certificate is invalid or does not match the name of the site.”

 

How do I protect myself?

  • Only enter personal information in sites that have “https” at the start of their address.
  • Pay attention to security warnings from your computer.
  • A knowledgeable computer company can assist you with getting anti-malware software and a personal firewall. Other anti-pharming software is currently being developed to work against hackers.
  • Check your credit card and banking statements each month for unauthorized or suspicious charges.
  • Report suspect e-mail to: antiphishing.org, or to the Internet Fraud Complaint Center at www.ic3.gov/about/. To file a complaint with the FTC, go to ftc.gov, or call 877-FTC-HELP.

 

Not a member of Tower Federal Credit Union yet? See if you are eligible to join!