Introduction to Pharming
Since the internet was developed it has evolved too much. Evolution has happened not only in terms of usage, speed but also how it is misused. There are always people who are looking for some sort of loopholes using which they could enter the whole system. Once entered they could exploit the resources and could easily misuse it. There are several ways or mechanism using which exploitation is done. Phishing, cyberbullying, Drive-by attack, Password attack, SQL injection attack, Cross-site scripting (XSS) attack are few of them which is commonly used. Once such a common attack is Pharming. So now let us know what it is.
What is Pharming?
If we try to explain in simple words then we can say that Pharming is a simple cyber attack which works on the logic of redirecting the user to different URL or website when a user tries to use access original website. Pharming is a relatively new work. Here initial two characters which are “Ph” keyword Pharming is derived from the term “Phishing”. Phishing is another type of cyber attack where intruders try to receive user credentials by making a look-alike fake page of original popular websites. Normally it is the role of DNS servers to resolve requested domain name to respective website IP addresses. However, an infected DNS server resolves the domain name to fake site IP addresses. Once the user lands on such fake site websites and enters credentials, the user’s credentials are captured and are used for wrong uses
Now with that, let us know the definition of Pharming?
Pharming is one of the various cyber attacks which are practiced by the attackers. Pharming simply redirects the user from accessing the requested site to a different but similar looking fake site. In Pharming simply DNS is infected so that instead of resolving to an actual IP address, it gets resolved to some wrong or fake website IP address.
The infected DNS system is generally referred to as “poisoned”.
There are several ways by which Pharming is generally practiced. One such common way is to update or infect the user’s local system host files. They generally infect personal computer’s host files. An attacker generally sends them some malicious code which infects their local system host files. It is the role of host files to convert user requested URLs into a number of manipulated strings which in turn is used by the computer to access web sites.
Another common form of Pharming is infecting DNS directly. Role of DNS is to resolve user requested domain name to a respective website IP address. An injected DNS wrongly resolves incoming request and hence redirecting the user to malicious pages
What is the purpose of Pharming?
By now it is quite clear that for what Pharming is generally used for. Like any other cyber attack, pharming too is practiced with the wrong intention. The basic minds behind Pharming try to get user sensitive information such as username and passwords. These collected sensitive user information are then used for various fraudulent transactions like banking transactions etc.
Another common use or purpose of Pharming is to generate traffic to a webpage. This is done basically to generate revenue by generating traffic on a particular website domain. As more and more traffic is generated by redirecting to the wrong website, more and more revenue is generated.
How do you recognize Pharming?
There are several ways to recognize Pharming. Although there is no full proof mechanism by which we can say that following particular set of operations will keep users safe from Pharming. Let us try to look at a few different ways by which we could detect fake websites at least on a broader scale.
Look for secured websites only – Once you are migrated to a particular website, always check secured websites. Like your website should follow Https:// protocols. For example, the website should start with https://www.WEBSITE.com If the website is following secured Hyper Text Transfer Protocol then only proceed to enter your valuable credentials.
Now let us try to know that apart from https protocol what are the other ways by which we can detect fake websites.
- Defacements – Look for any defacement like attackers generally remove original logo with the similar looking logo
- Suspicious pop-ups – Check if the website is showing unwanted ads and pop-ups
- SEO spam – Comments containing website URL is another way to detect vulnerable website
How do you prevent Pharming?
There are several ways using which Pharming could be totally avoided. Although using malware and anti-virus has no impact on it. There is no point in using such tools against Pharming as in most of the cases attack is done online while navigation of url’s in spite of the host system. Now let us look how Pharming could be prevented
- Do not click on URL directly – For navigating to a website do not open a URL by clicking on URL directly contained in emails or something. If you wish to visit a website then always open a new tab or browser and then manually enter the link of the desired website which you wish to visit
- Avoid clicking ads on websites – Do not click on ads and pop-ups which randomly appear on different websites. These ads could be the potential source for the same
- Check for https keyword – As explained earlier also always use websites which has secure protocols. Never try to access those websites which are not following secured protocols
There are several ways by which attackers do cyber attacking. Pharming is one such mechanism. They generally try to find loopholes in the system and then try to get benefit from such loopholes by misusing it. We people generally due to our negligence always visit any website and uses it without providing any attention to the authenticity of the visited website. Some of the other way it is our duty also to detect such malicious websites and avoid using it.
This has been a guide to What is Pharming. Here we discussed the introduction of some basic concepts, definition, and how to prevent Pharming. You can also go through our other suggested articles to learn more –