What is Pharming Attack?
The attacker redirects or intends to redirect the traffic of a website to another bogus site. This is what Pharming attack is. Apparently there are tons of people searching for Pharming tutorial every day.
And this is achieved by changing the host files on the victim’s computer or by the exploitation of a vulnerability on the DNS server software. The word pharming is derived from two words – “farming” and “phishing”. Phishing a type of social engineering attack in which the attacker intends to obtain the victim’s credentials such as usernames and passwords. In phishing, the attacker has to lure the victims to a fake site.
DNS servers resolve Internet names into their IP addresses. Compromised DNS servers are referred to as “poisoned”. To perform this kind of attack, it requires unprotected access to the target systems, such as the victim’s personal computer, rather than corporate business servers.
Phishing vs Pharming
You should be clear about the distinction between Pharming and Phishing. Phishing assaults begin with the receipt of an email requesting that you visit a site where you may get traded off. Pharming assaults begin at the DNS server level where you are diverted to a malevolent site.
Pharming attack will redirect the victim to the attacker’s site even though the victim enters the correct address for the website. For example, the victim intends to access twitter.com and enters the URL, he will still be redirected to twitter.com but he will be surfing a fake website.
Prevention Techniques for pharming attack:
Pharming attack has been a major concern for online banking systems as well as for e-commerce businesses. To protect against this threat, sophisticated measures are required. These measures are known as “anti-pharming” measures.
Utilize a trusted, true blue Internet Service Provider:
Rigorous security at the ISP level is your first line of barrier against pharming. Web access suppliers (ISPs) are buckling down on their conclusion to sift through ‘pharmed’ locales.
Better Antivirus programming:
Install an antivirus program on your Windows PC that does the correct activity for you. It is a decent practice to purchase an against infection framework from a trusted security programming supplier to diminish your presentation to pharming tricks.
Keep PC refreshed:
Get into the propensity for downloading the most recent security refreshes (or fixes) for your Web program and working framework to remain ensured. Utilize a decent secure web program dependably.
Twofold check the spelling of a site:
In many cases, it is watched that the assailant darkens the real URL by overlaying a honest to goodness looking location or by utilizing a correspondingly spelled URL. In this way, dependably check the Web program’s deliver bar to ensure the spelling is right.
Check the URL of any site that requests that you give individual data. Ensure your session starts at the known bona fide address of the site, with no extra characters added to it. Yet, recall that your program may show the true blue URL, yet you won’t be on the honest to goodness server.
Check the testament:
It takes a couple of minutes if not seconds to confirm if a site page you’ve opened in the program is true blue or not. To check, go to ‘Record’ in the fundamental menu and select ‘Properties’. Then again, you can right-click your mouse anyplace on the program screen and, select ‘Properties’ alternative. From the menu that flies up, tap on “Endorsements” and check if the site conveys a safe authentication from its honest to goodness proprietor.
Check the ‘HTTP’ address:
It is the most secure and simplest practice to take after. When you visit a page where you’re requested to enter individual data, the ‘HTTP’ should change to https. The “s” remains for secure. This post will demonstrate to you the distinction amongst HTTP and HTTPS.
Search for PadLock:
A bolted latch, or a key, demonstrates a protected, encoded association and an opened lock, or a broken key, shows an unsecured association. Along these lines, dependably search for a latch or key on the base of your program or your PC taskbar.
Finally, a Note: Antivirus or any kind of spyware removal tool cannot solely protect you against this attack.
Also read: Worst computer viruses in history ever.