Pharming is a type of cyber attack aimed at redirecting a website’s traffic to a fraudulent website without the user’s knowledge or consent. This can be done by exploiting vulnerabilities in the DNS (Domain Name System) or by infecting a victim’s computer with malware that alters local DNS settings. Unlike phishing, where victims are typically lured to fake websites through deceptive links sent via email or messaging, pharming can automatically redirect users without requiring them to click on a deceptive link.
Here’s how it typically works:
DNS Server Poisoning: Attackers target the server that converts website names (like www.example.com) into numerical IP addresses that computers use to locate web services. By poisoning the DNS server, attackers can redirect users to malicious sites even when they type correct URLs directly into their browsers.
Local DNS Modification: In this variant, malware on a user’s computer might change the local DNS settings to redirect the user. For example, even if the user types a legitimate web address, the malware can redirect them to a fraudulent version of the site.
The goal of pharming is usually to steal personal information, such as login credentials or credit card numbers, or to install more malware on users’ devices. The stealthy nature of pharming makes it particularly dangerous as it can be harder to detect than other methods like phishing. To protect against pharming, it is recommended to use updated antivirus software, apply security patches to your system, and regularly check for unusual behavior in the DNS settings.
Cyber Security graduate from Edith Cowan University, Australia, equipped with a strong foundation in Linux systems and a passion for cybersecurity. As an enthusiast for both open-source technologies and security practices.