What is Pharming in cyber security?

Pharming in cyber security is a technique where attackers try to redirect website traffic from a legitimate website to a fraudulent website to spread malware or steal sensitive data from victims. It is usually to collect private information from victims or install malware on their machines. Attackers tend to focus on creating fake live e-commerce and digital banking websites to capture credentials and payment card information. Pharming attacks are focused on manipulating the system rather than tricking individuals into going to a dangerous website. Financial services such as banks, online payment platforms and e-commerce sites are the main targets of pharmers.

How does Pharming work?

Pharming uses “domain spoofing”, where the fraudster manipulates the user’s computer or DNS server to redirect the user to a fraudulent website without any warning. For example, when you type in www.youtube.com, but instead of going to Youtube’s official website, you are redirected to a fraudulent website called  www.youtude.com, with a wrong ‘d’. There might be a chance that you barely figure it out because the fraudulent website’s design looks exactly like Youtube’s and the URL is just slightly different. Therefore, you use your login information to log in resulting in the fraudster now having your YouTube username and password.

Signs of Pharming – How to tell if you are a victim of pharming

1. Charges on your credit card that you do not recognise
2. posts or messages that you did not post on social media
3. Requests for friend or connection on social media that you did not send
4. Have you changed the passwords on any of your online accounts?
5. New programmes are appearing on your device which you did not download or install

Requires action:

• Clear your DNS cache
• Run your antivirus program to remove malware and make sure your device is secure
• Contact your ISP if you believe your server has been compromised
• Change the password for all your online accounts
• Follow the fraud reporting procedures for your online banking, email, and social media platforms as applicable

What is the solution to Pharming attacks?

Pharming is a higher risk compared to phishing and can be easily recognized. However, there are plenty of solutions to prevent Pharming.

Always look for a secure connection

Technology like Secure Socket Layers (SSL) and Extend Validation (EV) certificate provides business owners and alert responsive internet users with effective tools against phishing, pharming and cyber frauds; therefore, users are advised to see “HTTPS” or padlock symbol in the address bar of the browser when downloading the website

Use of Anti-hacking or Anti-virus software

Some anti-virus software can remove malicious codes in the form of host files from the user’s computer so that it should not be redirected to fake websites.

Don’t disable or weaken the firewall

Many of the most popular hacks that have happened this year because people have not patched their computers and cybercriminals have taken advantage of these vulnerabilities. Therefore, always allow for computer updates. Every computer update includes patches for known vulnerabilities on your computer. Cybercriminals may use these vulnerabilities to attack computers that have not received these patches.

Enable two-factor authentication where possible 

It is a good idea to turn two-factor authentication on as many platforms have already offered it. It makes your accounts harder to hack into-even if fraudsters have obtained your login details through pharming, they won’t be able to access your account.

Be alert

With the passage of time, malicious activity is also increasing on transactions, so users should always be alert and see pharming clues, especially when doing more transactions on any website.