Hmm, at the point where malicious software is modifying the behaviour of applications you may as well compare it to a keylogger. If the miscreant has control of the machine anything is possible, so sure I can see how it could be a real threat but it might not perhaps deserve its own silly name. I think better deployment of certificates and 2 stage token/passwords is the way forwards for both phishing and pharming (if pharming exists) from the server perspective. For the clients, continued education and improvement to default security. There seems to be movement with the latter, for the former tho the institutions still seem to insist that we the ISPs should be paying to fix their poor security. Steve On Tue, 15 Feb 2005, Daniel Golding wrote:

There have been a couple recent articles about a phenomenon allegedly known as "pharming", which people are supposedly worried about. This includes some combination of DNS cache poisoning and/or worm-powered URL rewriting.

This may also be a form of "fear-driven marketing" by companies inventing solutions to "fix" the problem which may not exist. (Mac Anti-virus software, anyone? ;)

Is anyone aware of actual "pharming" in the wild? Please reply off-list and I will summarize answers to the list.

Thanks,