Smishing & Pharming

Farmer in tractor spraying field

In my post, IC3 2019 Report, I shared that the top scam rip-off of 2019 was Phishing/Vishing/Smishing/Pharming. Although I’ve published posts on Phishing and Vishing, I have yet to cover Smishing and Pharming. I’m going to rectify that today!

Smishing – Smishing is just like Phishing except the scam comes through text messaging instead of email. You will sometimes see the word written like this: SMiShing. The reason is to emphasize SMS. If you’re not familiar, SMS stands for Short Message Service. This type of service can be the text message service built-into your smartphone; it can be Social Media messaging apps like Facebook Message; or, it can be any other kind of message app.

Generally what happens is you receive a text that appears to be from a friend or legitimate company. Somewhere during the text exchange, the scammer will either try to get you to click on a link and then ask you for personal information like your password or Debit Card PIN. Sometimes, the scammer will try to get you to reveal this type of information directly into the text message rather than click on a link. Either way, if you fall for it, bad things can and often do happen. If you receive an unexpected text from a “friend” asking odd questions or making unusual requests, call the person and verify that the text is real. Another safety feature that I’ve known some people to use is they have a “key” word or question set up in advance with their friends and family. If they receive a text that’s strange, they simply ask for the word or phrase. If the person on the other end of the text can’t answer correctly, it’s a scammer.

Pharming – Pharming is where you are directed to a fake website when you are trying to reach a real one. To understand what this means, you need to know the definition of a few terms.

  • DNS – Domain Name Server: this is a server on the Internet which converts website URLs (or addresses) into IP (Internet Protocol) addresses. The fact is there really isn’t a website server called www.irs.org. Instead, the website address is really numbers: 152.216.7.110. What this means is that you can open a browser, go to the address bar, type in 152.216.7.110, click enter and you’ll be taken to irs.gov. Try it! The purpose of a DNS is to convert the characters of a URL into the actual address of the website which is always numbers.
  • DNS Cache – This is a file saved on your computer with the IP addresses of websites you’ve visited or tried to visit recently. The file is there to save time. Instead of having to reach out to a DNS server on the Internet to have a website address converted into numbers, it’s stored on your computer.
  • DNS Cache Poisoning – This is where pharming comes into play for most computer users. When Malware is allowed onto your computer or when some unscrupulous person breaks into your computer (or, worse yet, you let them on), a primary target is the computer’s DNS Cache. The Malware or the hacker will alter the DNS Cache and send you to fake websites where your personal information will be the main target. Example: the conversion of irs.gov will be changed from 152.216.7.110 to the IP address of a fake website the hacker has created. You type in or click on a bookmark for irs.gov and you are taken to a page that may look identical to the real irs.gov site. Hidden somewhere on the site is a fake link or some other feature aimed at getting your information.

How do you avoid Pharming? Keep your anti-virus/malware software up-to-date; install updates, especially for the Operating System (OS); don’t let strangers onto your computer either in person or remotely; don’t click links in emails unless you know they’re safe.