Prevention of the Pharming attacks

With the huge increase of online activities you are engaged in on daily basis, it happens from time to time that your browser redirects you to a website that seems to be very similar to the one you are trying to access. Was this a coincidence? Is it something to worry about or is it just an internet technical failure where the internet line has dropped some packets, which makes the websites load in a different or corrupted way? 

No, not at all, it is a new and complex type of cyber-attacks called Pharming. This technic targets the user's computer traffic, and redirects it from the already legit visited website to a different one built and controlled by the attackers in a way that allows them to steal and collect the user’s personal information such as their username and password, credit card details, bank details and many others.

The data collected from your computer can be sold by the attackers to advertising agencies or can be sold on the dark web, especially the finance account and credit card details. 

How does a pharming attack happen? 

This type of attack is in use by hackers to target financial institutions, and to collect bank and credit card details. It uses a complex technic which makes it hard to be detected by regular persons, as it involves tampering with the IP address linked to the website you have visited and the details of which are temporary stored on your computer database, or this can happen by hijacking the Internet service provider’s domain name servers, who are responsible for mapping the IP addresses assigned to the websites you have accessed and are registered on the servers host files which are used to store temporary IP addresses and the domains they are allocated to. Attacking and altering DNS servers' records is mainly called DNS hijacking. 

What is the difference between Pharming and Phishing?  

If we look closer at this type of attack, it looks very similar to phishing attacks, as it targets the users and tries to collect the same data, but the technicality is different. 

Phishing attacks try to collect that type of data by using fake links sent through emails, while Pharming collects the data by redirecting the user to a different website, which is considered more complex than Phishing since it is out of the user’s control, and the user should be vigilant and aware of the websites they are trying to access to ensure that the website they have accessed is the correct one and not a website that was altered by an attacker. 

What are the signs you should look out for to avoid being a victim of a Pharming attack? 

While accessing a website:  

• Make sure that the website’s landing page is familiar and shows what the original website is meant to show. 
• Look for the services that the website is set to display; are they familiar? 
• Make sure that your antivirus is not giving you any alert about this website, as well you can check your browsers for any recommendations and website rankings, and warnings. 
• Be vigilant about any strange behavior taking place on your laptop. 

With the complexity of this type of attack, protecting your assets and data is a must.  

How to protect yourself and avoid being scammed? 

• Get your internet subscription service from a trustworthy ISP. 
• Make sure the website address is typed correctly.  
• Do always look for “HTTPS” and check the validity of the website certification especially when doing online financial transactions. 
• If you feel uncertain about any website or link, do not open it. 
• Install and use a reputable antivirus. 

By the end of this article, and as security experts, we do recommend to maintain your digital devices UpToDate, equipped with antivirus as well to be vigilant while browsing internet sites and reading your emails. You can always check Safespace for more information on how to stay safe and protect others when online.