What is a Pharming attack?
The word pharming is formed by combining two different terms: “phishing” and “farming”. According to the Spanish Data Protection Agency, a pharming attack is the method normally used to carry out “phishing attacks”.
A pharming attack redirects the domain name server (DNS) of a trusted entity to an identical web page that has been created by the hacker to obtain the user´s privacy data.
The main difference between a phishing and a pharming attack is that, in the latter, victims are redirected to a malicious site, without any specific action on their part such as clicking a bad link or entering a malicious URL.
But…How are these attacks carried out?
There are mainly two different ways to carry out a pharming attack:
- By infecting or poisoning the DNS server. DNS servers are responsible for translating easy-to-remember web addresses into numeric IPs. The hacker infects the server to redirect users to a malicious site.
- Another option is to modify the HOST file. In this case, the hacker installs a virus or trojan on the user´s device
How to protect ourselves
To prevent these attacks is especially complicated because they do not even require human failure. Some recommendations would be: avoid visiting suspicious sites or clicking on web links that do not inspire confidence, but even this does not guarantee that we will not be victims in the future.
Currently, the only approach or technology capable of guaranteeing protection against this type of attack is web isolation. Discover how RITech can help you protect your business.