Kathleen G. Kane - Pennsylvania Office of Attorney General - Protecting Pennsylvanians

 Click for the Spanish Translation

First it was ?Phishing? now it?s ?Pharming??

In order to surf the web safely, a user must be Internet savvy so that they can spot potential scams and avoid falling victim to them. As Internet users have become more sophisticated, so have the scams.

What is ?Phishing??

Many consumers are now familiar with the Internet scam known as ?phishing?. This is a spam message that contains a link to what appears to be a legitimate business, such as your bank, but it?s actually a fake website. The email often states that you must update your account information through a bogus link to a scammer?s website and so the user, unknowingly, gives out personal information to the fake website. Educating consumers about this type of scam has helped many people avoid becoming victims.

How does ?Pharming? differ from ?Phishing??

The latest evolution in Internet scamming is ?pharming?. Through the use of a virus or similar technique, your browser is hijacked without your knowledge. You type a legitimate website into the address bar of a browser and the virus redirects you to a fake site. Although you entered the website address in the browser yourself and the website appears identical to the site you are accustomed to doing business with, you have actually been redirected to a different site. You enter in your identifying information, such as bank passwords and credit card numbers, and unknowingly submit it to someone who is out to steal your identity. In this scheme, since you typed in the URL yourself and the website has the same appearance as it usually does, it is unlikely that you will know you were redirected to a different website.

How can I protect myself and my computer?

There are ways to avoid ?pharming? attacks and to protect your personal information:

  • Legitimate banking and business sites will never contact you by email and ask you to update your account or password information with the threat of closing the account if you fail to do so.
  • Run up-to-date anti-virus and anti-spyware software regularly on your computer.
    Exercise caution over which programs you decide to run.
  • Install personal firewalls.
  • To verify that you are accessing a secure site, look for the padlock icon in the browser. You also should make sure the web address in your browser starts with HTTPS, not just HTTP.
  • Double click on the padlock icon to see who owns the security certificate. A fake one either won?t have a certificate or it will be owned by an entity that appears to be unrelated.

Consumers can contact the Bureau of Consumer Protection at 1-800-441-2555 or www.attorneygeneral.gov to file complaints about Internet scams.