Pharming – One of the deadly sins of online safety
In this digital age, as technological innovations continue to transform the world, cybercrime does its best to keep up. Just as one technique of cybercriminals is exposed and catered for, they move onto the next one.
“Pharming” is a typical example. The term “pharming” is based on the words “farming” and “phishing.”
It’s an advanced version of phishing where the victims are trapped without any particular bait for the same purpose as they are in phishing – stealing confidential information.
Pharming is clever as well as a dangerous way of scamming people. It is clever because the people even when they are on the impostor websites have no idea about it and this means that they might fall into the trap of giving their personal information of their own free will with no idea whatsoever that they are shooting themselves in the feet. It is dangerous not only because of the damage it can inflict on individuals but also because even the most sophisticated anti-virus and anti-spyware software find it extremely difficult to detect. Pharming makes the website more vulnerable to threats and malware which can lead to other types of attacks on your website at the same time. Features of ESDS VTMScan helps in the detection of Malware, Threats, and Vulnerabilities so that you can prevent such suspicious activities.
The most popular pharming websites are usually related to online financial services or e-commerce. This makes perfect sense given that the criminals are mostly doing this for monetary gain and what better way of accumulating money than by stealing it using the confidential financial information of people.
Pharming can be conducted in two main ways:
- Either it can be done by exploiting any specific vulnerability in the Domain Name Server (DNS) software or
- By changing the host’s file on the computer of the victim.
In the former one, the cybercriminal might poison the DNS cache that eventually causes a number of people to visit a fake website. The website might then be used to install Trojans or viruses on the personal computer of individuals in an attempt to gather information.
In the latter one, the hackers might install Trojans or viruses directly onto the computer which in turn alter the host’s file, which then direct traffic towards an illegitimate website, away from the actual one.
Pharming attacks deceive both the victims as well as the computer itself. It misleads internet surfers because they type in URLs that they know are correct and of authentic websites but they are redirected to illegitimate websites that look like the real ones and it deceives the computer by changing the IP address of the trustworthy websites on the computer that in turn allows users to be misdirected. Now the crucial part that you should understand here is that by merely being extra-careful of what website address you type or using bookmarks will not help you avoid becoming a victim. This is just because the misdirection takes place after the connection request is sent.
So, what can you do to protect yourself from pharming?
While it’s the duty of your Internet Service Provider (ISP) to safeguard you from any potential pharming sites, there are some actionable tasks that you can take to prevent yourself from becoming a victim of pharming. Techniques used to combat pharming are called as Anti-pharming techniques.
The four most popular ways are:
- Checking your URL to make sure that the spellings/characters are indeed correct and that there is nothing wrong with it especially before providing any critical information,
- Using an ISP that’s not only legitimate but also trustworthy,
- Making sure that the ‘HTTP’ address changes to https (the “s” stands for secure), and
- Keeping the domains of your trusted and most visited websites locked.