Pharming

October 28, 2022
|
cybersecurity

Pharming is a type of cyberattack involving the redirection of web traffic from a legitimate site to a fake site to steal usernames, passwords, financial data, and other personal information.

It is a two-step process that begins with an attacker installs malicious code on a victim's computer or server. That code sends the victim to a spoofed website, where they may be tricked into offering their personal data or login credentials for a website or online service. Pharming does do not require a user to open a website themselves because they are automatically redirected to the attacker’s spoofed site.

Types ofPharming Attacks

DNS Server Poisoning -The DNS serves to direct users' website requests to the correct IP address. Butwhen a DNS server is corrupted, it will direct website requests to alternate orfake IP addresses. Typically, DNS poisoning goes after the companies that runand maintain the DNS servers that translate human-friendly domain names intocomputer-ready IP addresses. The corruption of a large DNS server canresult in cybercriminals targeting and scamming larger groups of victims.
Malware-based Pharming –Also Known as DNS changers/hijackers who infect a victim’s computer stealthily large DNS server's corruption can result through malicious emails or software downloads, such as a Trojan horse or virus making changes to the victim's host file. Internet users often unwittingly pick up malware through malicious emails or software downloads, such as a Trojan horse or virus. The downloaded malware will covertly reroute the user to a fake or spoofed website created and managed by the attacker. When people access the site, the attacker sees all the personal data or login credentials they enter.

How to protect yourself against Pharming Attack  

•Deploy a reputable anti-virus solution: Trustedanti-virus software should contain tools that can not only detect but also block anomalous or suspicious behavior and malware.
•Use a trusted internet provider: Reputable and trustworthy internet service providers (ISPs) automatically filter bogus pharming redirects, which prevents users from ever visiting pharming websites.
•Avoid unusual e-commerce deals: E-commerce ore-shopping deals that look too good to be true are often just that. A populartactic used by pharming attackers is to lure victims in with prices thatdrastically undercut popular, legitimate e-commerce sites.
•Use secure VPNs: Virtual private networks (VPNs) thatuse reputable DNS servers will help users avoid the risk of pharming attackstargeting DNS cache poisoning. 
•Enable authentication: Passwords alone are not asecure practice for protecting users against popular attack vectors.Organizations must add an extra layer of security to their online accountsusing two-factor authentication (2FA) and multi-factor authentication(MFA). 
•Change default passwords: Consumer routers andwireless access points come with default passwords that could be used acrossmultiple similar devices. This poses a serious security risk if hackers can gethold of those passwords.