Car Buying:

Preparing for College:

Money & Jobs:

Safe Surfing Tips:

Scams Aimed At You:

Money Cards:

Smart Money Tips:

Will This Happen To You:

Main articles:

Pharming: A New Twist On An Old Ploy

By Will from Holland

Being smart, you already know about "Phishing," the phony emails that probably hit your mailbox daily.

Phishing scammers send out hundreds of millions daily, trolling for suckers who actually do what the emails say: "Click on this link, and confirm your financial information." Give them the info and bingo, your accounts are drained, and your credit is ruined.

Phishing is easy to stop: Never respond to any emails, which want you to confirm your financial details. Financial institutions never ask for financial details in emails. End of the phishing story.


"Pharming" is much sneakier because it's much harder to detect. Even experienced Internet users are going down on this one. It's a new twist on an old ploy called "domain spoofing." The scammers create a fake, malicious website that looks like the site of a real company. These skilled hacker criminals then use Domain Name Server (DNS) "poisoning" to redirect your browser to their fake site.

When you are unknowingly directed to the malicious site, you seem to be on a legitimate site. You think you're on your bank's website, for instance, so you enter personal information such as your PIN number or password. Bingo, you're broke. Or worse, your total identity is stolen.

Phishing targets one victim at a time; Pharming goes after huge "crops" of victims at one time by attacking Domain Name Servers and things individual Net users have no control over.


What can you do?

  • Make sure you have the best virus protection installed on your computer.
  • Think before you open an email from an unknown sender. Pharming can happen if the scammer can install a virus on your computer. The virus comes in an email.
  • Make sure you have the latest version of your browser. Some browsers display where a secure site is located. Or you can get a toolbar that does the same thing.
  • Once you have logged onto a financial institution's site, make sure the address bar starts with "https," not "http." Check your online accounts regularly. I check mine daily.
  • Check out our website for other articles on phishing and ID-theft.

Cheers, Will.