Cybercriminals are constantly adapting their techniques to more effectively infiltrate our devices or accounts. While you may have already heard of phishing, there’s a new, more complicated technique hackers are beginning to use: pharming. But what is pharming — and how can you prevent a pharming attack on your devices?

visual showing screen with IP address

Pharming is a scam in which malicious code is installed on someone’s personal computer or server by a cybercriminal. As the name suggests, it comes from the words ‘farming’ and ‘phishing.” This code changes the IP address information, which misdirects users to fake websites without their knowledge or consent. Once redirected to these fake websites, users are prompted to enter personal information, which is then used to commit identity theft or financial fraud. 

Customers of banks or other monetary exchange systems are the main targets of pharming attacks. Hackers succeed with this tactic because they can infiltrate a large number of devices at once, rather than target individuals. 

In addition, hackers don’t need to convince users to click a doubtful email link or suspicious advertisement. The malicious code is automatically downloaded without any action from the user.

graphic that shows credit card info being stolen

Pharming vs. Phishing

With so many “ph-” words to keep straight, it might be hard to keep all these cyber scams straight. What’s the difference between phishing and pharming? 

Phishing is a technique that acquires personal information by sending malicious emails that are designed to look legitimate. The intent of phishing is to convince users to click on a link in a fraudulent email. In addition to phishing, hackers are moving on to other forms of communication, such as texting (SMiShing) and voice messaging (Vishing). 

Pharming involves creating fake websites for the purpose of stealing personal information. While phishing involves clicking on a link from a fraudulent email, pharming doesn’t always require users to take manual action — they are redirected to these false websites without even knowing.

pharming-vs-phishing-chart

How Does Pharming Work?

Pharming is an exploitative practice that is done by either infiltrating individual computers or poisoning a server. Both options use code that redirects websites, but each is carried out in a different way. 

But just how does pharming work on a case-by-case basis? To understand the mechanisms and nuances of pharming, you should first understand the different types of pharming. 

Individual Computers

In this type of pharming, the hacker sends an email with a code that modifies the host files of an individual’s computer. Once the host files are infiltrated, they can redirect URLs to a fake version of the website the individual is intending to visit. Even if the user types in the correct URL, the page will redirect. These websites mimic the appearance of real sites so users may not be aware they are victims.

DNS Poisoning

A much more extreme version of pharming is domain name system poisoning or DNS poisoning. To understand this type of pharming, you first need to understand what a Domain Name System (DNS) is and how it works. DNS servers essentially translate domain names into IP addresses — changing them between ‘human’ and ‘computer’ languages. 

In this pharming attack, rather than infiltrating files on a personal computer, the DNS server is attacked. This server can handle thousands to millions of Internet users’ URL requests — meaning each user is unknowingly redirected to fake pages. This large-scale threat is especially dangerous because the affected users can have a secure and malware-free device and still become victims.

graphic showing pharming

How to Protect Against an Attack

Spotting a pharming attack can be nearly impossible because it’s not based on any action the user takes. However, there are a few key warning signs that can show that someone is a victim of a pharming attack.

  • Check to make sure the URL is spelled correctly.
  • Be sure the URL is secure and has “https” before the site name.
  • Notice any discrepancies from how the webpage usually looks.
  • Examine any unusual activity in your banking account.

Although many pharming attacks can’t be prevented, there are a few steps that can ward off cybercriminals.

  • If you think you are a victim of an attack, clear your DNS cache.
  • Run an antivirus program to make sure your device is secure.
  • If you believe your server is compromised, contact your Internet service provider.
  • Install a VPN for secure online browsing

With the prevalence of predatory tactics like pharming and phishing, it’s more important than ever to protect yourself from all sorts of malware attacks. If you take precautions and are diligent with your internet use, you can minimize the chances of your data being stolen with malicious code. Check out our antivirus software to secure your digital life today.