2022's best place for Cybersecurity Insights and Advice for Everyone

#1 - Signup to our list and get regular insights and advice on how to be cyber safe.

By entering your email address you agree to receive emails from EveryDayCyber. We'll respect your privacy and you can unsubscribe at any time.

What is Pharming?

by Cyberguy | Last Updated | September 14, 2021
Cyber Dictionary|CyberSecurity - SMB

Pharming is when a bad actor (or “the pharmer”) re-directs you to a fake website instead of the legitimate one you intended to open. “Spoofed” sites capture your confidential information, including usernames, passwords, credit card data, or install malware on to your device. Pharmers usually focus on websites in the financial sector, including banks, online payment platforms, or other e-commerce destinations, often with identity theft as the ultimate goal.

Pharming attacks have become effective because they fool you and your devices into thinking the spoof sites are legitimate. The pharmer tricks your device into sending you to the pharmer’s spoof website rather than the legitimate one.

How Pharming works

Here’s the general theme on how pharming works. When you navigate to a website, you will enter a website’s URL (e.g., www.abc123.com).  This name is associated with an IP address – it is like your phone number or home address. The IP address tells your web browser where the website lives on the internet.

To convert your URL name to its IP address, your web browser looks up the address using something called a DNS (domain name server). This of DNS as the yellow pages or the phone book.  Once the IP address is determined, the web browser then goes to that internet location and the website displays its information.

Pharming comes in when the bad actors edit the phone book entry and change the phone number (IP address) to one that points your web browser to their spoof site. Neither you nor your device knows the difference. You think you are logging into your online banking system, but it’s a fake site, and you are giving all your information to the cybercriminals.

Example Pharming Attack

Don’t confuse Pharming for Phishing?

Often users think pharming and phishing are the same things? They are similar, but not the same. Phishing, as the name implies, uses bait to lure victims. Bad actors use official-looking or inviting emails or SMS messages to lure victims to visit spoofed websites and enter their personal information.

Pharming vs Phishing

Pharming skips the bait step and sends victims directly to the fake website without your knowledge or consent. Because victims are typing the URLs themselves, they may be less likely to recognize the fraud rather than clicking links in a sketchy email. It’s a sneaker type of scam compared to more direct phishing techniques.

How to protect yourself against being Pharmed?

There are strategies you can use to protect yourself against pharming attacks.

“Check twice, click once – advice to live by”

#3 You really should sign up. "Scouts Promise" ... it really will help you stay cyber safe.

By entering your email address you agree to receive emails from EveryDayCyber. We'll respect your privacy and you can unsubscribe at any time.