What is pharming?

Pharming (“farming” + “phishing”) is a kind of social engineering cyberattack in which criminals redirect internet users trying to reach a specific website to a different, fake site. By directing internet users to the bogus site, which may be nearly identical to the legitimate site it’s mimicking, criminals hope to obtain personally identifiable information (PII) and login credentials, such as passwords, social security numbers, account numbers, etc.

Pharming typically works by installing malicious code on either a user’s machine or a DNS server, which then misdirects users to fraudulent websites without their knowledge or consent. The first method works on an individual level. It alters the hosts file on a victim’s computer, which causes internet traffic from that computer to go to a fake website instead of the desired one. The second works on a broader level by poisoning a DNS server to redirect multiple users to the fake site. 

The thing that makes pharming scary is that you can have a complete infection-free computer and still get redirected to a bad site because of a poisoned DNS server. Manually entering the URL of the website you want to visit won’t help either; the redirect will happen at the internet traffic level, not on your computer. The best way to stay safe is to keep a watchful eye on all websites that ask you for credentials or PII, and avoid clicking any links in emails or other places to get to them. Once you arrive on a given webpage, always check the URL, and look for any spelling errors, questions they’ve never asked before, or anything else out of the ordinary. If you notice anything amiss, get out of there as soon as possible.  

Find the right cybersecurity solution for you.