Pharming Attack Prevention and Examples
The term “Pharming” is a combinative word formed using farming and phishing. Pharming is a way of online fraud by cybercriminals that install some malicious code on your computer or server with fraudulent websites. The code is sent to the user through a bogus website, where the user may trick to provide personal information. Through this, the fraudster also gets immediate access to the personal information of the user such as Username and Password.
Pharming Attack :
A Pharming attack is a form of cyberattack in which a cybercriminal sends a fake website instead of the real one and that fake website looks similar (almost the same) to the real website. Cybercriminals exploit the vulnerabilities of a DNS server. A DNS server is responsible for converting a domain name to an IP address. Pharming could take place in two ways either by exploitation of a vulnerability in DNS server software or by changing the host’s file on a victim’s computer. Cybercriminals intentionally redirect users to a fake version of the website to access and steal usernames and passwords.
Attention reader! Don’t stop learning now. Get hold of all the important CS Theory concepts for SDE interviews with the CS Theory Course at a student-friendly price and become industry ready.
Working Of Pharming Attack :
- Whenever a user visits some fraudulent websites, the malware gets installed on the computer and it corrupts the information which turns out to be a pharming attack.
- Whenever a user visits any URL via any browser such as Chrome, Mozilla Firefox, Opera, etc. the browser contacts the DNS server and requests the IP address for the desired domain. This will change the DNS server itself and turns into a pharming attack.
If Pharming Attack occur on :
1. Client-Side– If a pharming attack occurs on the client-side then it is a
- Attack on the local host file.
- Attack on the home router.
- Attack on Browser Proxy Configuration.
2. Server-Side– If a pharming attack occurs on the server’s side, then it causes
- Poisoning of the cache DNS server to put fraud entries.
- Transparencies on the proxy server between a user and the internet.
- Exploiting the intruder manipulates resolution entries for any selected websites.
Protection from Pharming Attack :
- Using a trusted Internet Service Provider (ISP) to reduce the attack.
- A VPN service that has reputable DNS servers can also be used.
- Always enables two-factor authentication on sites that offer it.
- Avoid suspicious websites, because they can steal the data.
- Changing the default password on your consumer-grade routers and wireless access points.
- Be cautious while opening links or attachments that are from an unknown source.
- Always use a verified internet service provider, whenever it is possible.
- Security Software is mandatory to reduce pharming attacks.
- Ensure you are using secure web connections (eg:- HTTPS in the web address).
Pharming Attack Examples :
- Many financial companies are affected in the U.S and Asia due to pharming attacks.
- A Mexican bank got affected when the DNS of a customer’s home routers were changed and they don’t even know their all data got hacked. Symantec reports that it was a pharming attack.