Eastern Michigan University
Phishing requires you to click a link sent to you in an email that sends you to a malicious site. Pharming is different in that you voluntarily browse to a site that should be legitimate but is not.
This can happen in one of two ways: first, an attacker can hijack a website to cause browsers to go some place different than the user intended. This sort of pharming can be very difficult to defend against as it happens outside of the computer under your control. Be careful when visiting a site, especially if it looks very different from what you remember. One way you may be able to tell if a site has been pharmed is to go to the https:// version of the site (ex https://www.google.com). Attackers are less able to hijack the secure version of websites.
Another way that attackers can pharm is by attacking your system directly, especially a home router. Many people plug a new router or firewall into their internet connection without making any changes. This leaves them vulnerable to attack as the usernames and passwords the factory sets on these devices are well known. Attackers use these credentials to enter your router and reprogram it allowing them to determine where you go on the internet. The best method to prevent this is to change the logon information on your router from the default when you install it and routinely twice a year.
Division of Information Technology
118 Pray Harrold
Ypsilanti, MI 48197