What is Pharming? How does Pharming work?

The word pharming comes from a combination of “phishing” and “farming” and is a type of cyber-attack in social engineering. It is also known as Phishing without a lure. Pharming is when an Internet user is guided to a fake website rather than a real one by a hacker. Such places will collect the personal information of a victim.

How does it work ?

It is important to understand how the Domain Name System(DNS) servers work to understand how pharming works. The DNS job is to convert domain names into IP addresses, which reflects the website’s actual location, enabling the web browser to link to the website’s server.

Two methods of a pharming attack.

Malware

This form of pharming plants malicious code through a virus or trojan distributed via an email or download page. This malware then corrupts the storage files on your computer, rerouting you secretly to a fake pharming site set up by cybercriminals to capture your data.

DNS server poisoning

Domain Name Systems are internet machines that guide your question to the right IP address for your website. Nevertheless, a rogue, compromised DNS server will guide network traffic to a bogus site. This pharming fraud focuses on taking advantage of a flaw in the DNS server stage instead of corrupting individual files.

Signs of pharming

Unsecure connection- If your website address says “http” in the address line instead of “https,” it may corrupt the website.

A site that seems wrong- If there are spelling errors, unknown fonts or colors on the platform you are on, or otherwise it may not seem true.

Big incidents in pharming

A student in Germany successfully carried out a DNS switch for eBay.de in 2004, and while eBay confirmed that no user data was breached, the incident caused the business and its customer’s considerable confusion.

In 2015, a big pharming assault attacked Brazilian consumers who owned routers manufactured by some companies.

Preventions

• Test that when a website loads, the URLs are spelled correctly.
• Assure that the URL is safe and has “https” in front of the name of the domain.
• Note some inconsistencies about the usual look of the website.
• Choose a reputable ISP.