Have you ever been redirected to a fake website that appeared similar to the genuine website even when you provided the correct URL in the browser? Or, have you heard stories about people who had such experience. This process of camouflaging a genuine website and redirecting to a fake website is called Pharming.
How does Pharming work?
Pharming attack is performed in two methods. In the first method, malware is installed in your computer that will change the hosts file (add DNS entry for the fraudulent website). This ensures that a user attempting to access a website URL is redirected to a fraudulent website. The fraudulent website usually resembles the legitimate one and will request personal information, such as username and password or PIN. The second method is to poison the DNS servers that have vulnerability and use them for redirecting users to fraudulent websites.
Example: You want to access wisedatasecurity.com and you have typed the URL correctly in the browser. At this time, a hacker who is involved in pharming will modify the DNS and redirect you to a different server that hosts the fake website, which appears similar to wisedatasecurity.com.
How to prevent Pharming?
To effectively combat Pharming, you should employ anti-pharming techniques. Some of the techniques are listed here:
Protect your hosts file: Hosts file generally exists in the operating system and it should be protected. This hosts file can be modified by the administrator or an application that has similar control. When a computer is infected with virus, it can take control of a computer and alter the hosts file. Therefore, installing and protecting your computer with free antivirus can help prevent this situation. Along with the antivirus software, an internet security suite will strengthen the security of your computer.
Configure relevant browser plug-ins and add-ons: Ensure that phishing protection-related browser add-ons and plug-ins, such as the Web of Trust (WOT) and Avast online security, are installed and configured in your browser. These add-ons and plug-ins will help detect the fake or fraudulent websites and alert when you attempt to access them.
Use secure websites: Ensure that the websites used for sensitive and confidential transactions, such as banking, are secure websites. The URL of secure websites will start with “https” instead of “http”, similar to the wisedatasecurity.com website as shown in the picture below.
Stay updated: To safeguard yourself, ensure that you have relevant information about the latest security threats in the cyber world. For this, visit www.wisedatasecurity.com and subscribe for latest technical information.
Pharming is a cyber security threat that you need to consider with high importance. It can have severe impact on the sensitive or confidential data available in your digital devices. You can efficiently mitigate this threat by taking proactive actions, such as some of those outlined in this blog.