Pharming is an attack that takes advantage of the way that our computers locate web services. The browser uses the DNS system which acts as a huge, lookup database distributed over different servers on the Internet. It uses DNS to find the IP address that is linked to a particular URL for a web site. The browser actually communicates with the web site using that IP address.
The attacker finds a way to link the IP address of a site that he controls to a valid URL in the DNS system and the browser is sent to the wrong location. The URL that's shown in the browser looks correct and the attacker has probably copied the original pages enough to spoof a legitimate web site. This may fool the victim into entering real authentication information.
One of the most common ways that an attacker does this is to install a Trojan, software on the browser machine that puts this wrong information into the files that the computer uses to start the DNS process.
Other attacks are on servers on the Internet that provide DNS information; old and unpatched servers are most likely to allow a successful attack.