Pharming, a term coined from “phishing” and “farming” and pronounced “farming”, is a cybercrime attack. In both pharming and phishing, users are taken to bogus websites so that attackers can obtain secret information such as user names, passwords and PINs, but the two methods are inherently different.
Pharming exploits the mechanisms that translate host names to IP addresses, either by adding a bogus entry to the local computer’s hosts file or by hacking a Domain Name System (DNS) server. The effect is that when a user enters a URL such as www.anycompany.com in the browser, he or she lands on the attacker’s site, which pretends to be the legitimate website.
Phishing, on the other hand, tricks users into visiting malicious websites using bogus links. Phishing is mostly seen in emails that mimic legitimate sites such as financial institutions or auction sites, but it can occur in any form of Internet-based communication, including instant messaging programs.
In contrast to pharming, which is a technical attack that works without the user doing anything “wrong”, phishing exploits human traits such as curiosity, readiness to help or fear by enticing or demanding that the user click a link. Thus, phishing is a so-called social engineering attack.