Totally Free Checking & Free Gift Advertisement
To find out about Reelfoot Bank's new Totally Free Checking click here!!!

Bank Bucks
Bank News

Pharming for Your Information!!!

“Pharming” is the practice of redirecting Interent domain name requests to false Web sites in order to capture personal information, which may later by used to commit fraud and identity theft. While pharming is similar to phishing in that both practices try to entice individuals to enter personal information on a fraudulent Web site, they differ in how they direct individuals to that site:



  • Phishing-as in fishing for confiendtial information-is a scam that encompasses fraudulently obtaining and using an individual’s personal or financial information. In a typical case, the consumer receives an e-mail appearing to originate from a financial institution, government agency or other entity that requests personal or financial information. The e-mail often indicates that the consumer should provide immediate attention to the situation decscribed by clicking on a link. The provided link appears to be the Web site of the financial institution, government agency or other entity. However, in “phishing” scams, the link is not to an official Web site, rather to a phony Web site. Once inside that Web site, the consumer may be asked to provide a Social Security number, account numbers, passwords or other information used to identify the custoiners, such as the maiden name of the customer’s mother or the consumer’s place of birth. When the consumer provides the information, those perpetrating the fraud can begin to access consumer accounts or assume the person’s identity.


  • Pharming refers to the redirection of an individual to an illegititimate Web site through technical means. For example, an Internet banking customer, who routinely logs in to his/her online banking Web site, may be redirected to an illegitimate Web instead of accessing his or her bank’s Web site.


Pharming can occur in four differenet ways:

  • Static domain name spooking: The “pharmer” (the person or entity committing the fraud) attempts to take advantage of slight misspellings in domain names to trick users into inadvertently visiting the pharmer’s Web site. For example, a pharmer may redirect a user to anybnk.com instead of anybank.com, the site the user intended to access.


  • Malicious software(Malware): Viruses and “Trojans” (latent malicious code or devices that secretly capture data) on a consumer’s personal computer may intercept the user’s request to visit a particular sire, such as anybank.com, and redirect the user to the site that the pharmer has set up.


  • Domain hijacking: A hacker may steal or hijack a company’s legitimate Web site, allowing the hacker to redirect all legitimate Internet traffic to an illegitimate site. Domain names generally can be hijacked in two ways:
    1. Domain slamming: By submitting domain transfer requests, a domain is switched from one registrar to another. The account holder at the new registrar can alter routing instructions to point to a different, illegitimate server.
    2. Domain expiration: Domain names are leased for fixed periods. Failure to manage the leasing process properly could result in a legitimate ownership transfer. In this instance, trade name laws usually must be invoked to recover lost domains.
  • DNS poisoning: The most dangerous instance of pharming may be domain name server (DNS) poisoning. Domain name servers are similar to Internet road map guides. When an individual enters www.anybank.com into his or her browser, Domain Name Servers on the Internet translate the phrase anybank.com into an Internet protocol (IP) address, which provides routing directions. After the DNS server provides this address information, the user’s connection request is routed to anybank.com. Local DNS servers can b e “poisoned” to send users to a Web site other than the one that was requested. This poisoning can occur as a result of misconfiguration, network vulnerabilities or Malware installed on the server.

    • There are 13 root DNS servers for the entire Internet, which are closely protected and controlled. Most requests are directed by the local DNS server before they reach a root DNS server. However, if a hacker were to penetrate one or more of these root servers, the Interent could be severely compromised.

    Please be aware and on the lookout for such scams and/or frauds. Here at Reelfoot Bank we want to educate our customers on current fraud issues. Please look periodically at the website for up-to-date information on new scams and fraudulent activity.

    Check out more on Identity Theft on our Identity Theft Information page!

    Check out more Reelfoot Bank News on our Bank News page of the website under Contact Us!

    Top of Page