Computerhelp4all logo Articles AboutTopicsQuizzesComputer Questions & AnswersComputer Terms & DefinitionsActivitiesContact

Home > Articles > Computer Terms & Definitions > Cybersecurity > Threats To Individuals

What Is Pharming?

What Is Pharming

Date First Published: 17th May 2023

Topic: Cybersecurity

Subtopic: Threats To Individuals

Article Type: Computer Terms & Definitions

Difficulty: Medium

Difficulty Level: 7/10

Learn more about what pharming is in this article.

Pharming is the practice of redirecting a user to a fake website that mimics the appearance of a legitimate one to collect personal information, like usernames, passwords, and bank details. It may involve hijacking the browser settings, changing the hosts file on the user's computer, exploiting vulnerabilities in DNS server software, or by malware installed on the user's computer that runs in the background. It is a type of social engineering attack used to obtain access to credentials.

If the user does not notice that the URL to the fake website is different from the legitimate one, they could unintentionally give their sensitive information to the wrong website, putting their details at great risk as they could be misused and used for identity theft/fraud. The fake website may also contain links to viruses and malware. Pharming targets users with a lack of knowledge of scams and fake websites who do not pay much attention to the URL before entering sensitive information.

Note: Info Icon

The term 'pharming' is a combination of the words 'phishing' and 'farming'.

Difference Between Pharming and Phishing

Some people confuse pharming with phishing, but it is quite different. Phishing is the practice of impersonating trusted companies to steal sensitive information from users. Phishing usually comes in the form of email, where the phisher makes the message look like it has come from a legitimate company and wants the user to click on a link to a phishing site to trick them into giving their personal information away, such as card numbers, usernames, and passwords.

Pharming is a type of phishing that involves redirecting traffic from a legitimate one to a fake one. Instead of sending an email that pretends to be from a trusted company, pharming actually redirects the user to a fake one without any user interaction. It does not require the user to click on any links to visit the fraudulent website. This type of social engineering attack has been called 'phishing without a lure'.

Pharming attacks are less common than phishing attacks because they require much more work from the attackers, including writing malware that changes the computer's hosts file, or modifying the DNS table in the server (DNS poisoning), leading to the corrupted DNS entry being cached on the ISP’s servers. Phishing only requires the attacker to make up a fake email and send it to a large number of users at once.

Pharming is more harmful than phishing in that a lot of computers can be affected by it with no user interaction. For example, if a DNS server was compromised, users can still be affected by it even if their computer has no malware installed. Manually entering the website address or always using trusted bookmarks is still not enough, because the redirection takes place after the computer sends a connection request.

How To Prevent Pharming?

Below are five steps to prevent pharming:

  • Use strong antivirus software and keep it up to date. Antivirus software can detect and remove malware that modifies the hosts file, or automatically redirects legitimate websites to fake websites. Antiviruses can also block fake websites that users might land on due to pharming.
  • Keep your web browser and operating system up to date. This is important because operating system and web browser updates can fix bugs and vulnerabilities that attackers use to pharm websites.
  • Use bookmarks to access sites that you regularly visit. Saving bookmarks for sites that you frequently visit instead of clicking links on emails, social media sites, or search results pages will help reduce the chances of you visiting a fake website.
  • Use a strong password for your home network connection. Strong passwords will protect your home network against local DNS hijacking.
  • Use a reliable DNS server - Make sure that the DNS server you have chosen has protection against DNS poisoning. In most cases, the DNS server will be your ISP.


Feedback

  • Is there anything that you disagree with on this page?
  • Are there any spelling, grammatical, or punctuation errors on this page?
  • Are there any broken links or design errors on this page?

If so, it is important that you tell me as soon as possible on this page.


Comments


What Is Computerhelp4all?

  • Computerhelp4all is a site with articles for everyone about the topic of computing, as suggested in the name '4all'.


Featured Articles

Featured Quizzes

Topics

Computer Networking Cybersecurity Computer Systems Web Design & Development

Subtopics

Network Services Network Setups Network Standards Network Hardware Network Identifiers Network Software Internet Protocols Internet Organisations Data Transmission Technologies Web Development Web Design Web Advertising Web Applications Web Organisations Web Technologies Web Services SEO Threats To Systems, Data & Information Threats To Individuals Security Mechanisms & Technologies Computer Hardware Computer Software Ethics & Sustainability Legislation & User Data Protection

Activities

Wordsearches Unscramble Words Knowledge Questions

Difficulty

Easy articles Medium articles Advanced articles

Follow Computerhelp4all


Facebook Logo
RSS Logo
YouTube Logo

Search



Related Articles





© 2022-2024 Computerhelp4all | Home | About | Privacy Policy | Cookie Policy | Terms of Use | Facebook | Twitter | RSS Feeds | YouTube