When we surf the Internet we can run into many threats that can compromise our privacy and security. Attacks that are used by hackers to achieve their goals. In this article we are going to explain what Pharming attacks are, how they can affect us and of course what to do to avoid being victims of this problem.
What is a Pharming attack
First of all we are going to explain what this term means, what is a Pharming attack . We can say that it is a cyber attack that aims to redirect web traffic from a legitimate site to a fake one and which is controlled by the attackers. This site that we mentioned, the fake one, has been previously designed to look really original and that it will not be a problem for users.
As we can see, it has certain similarities with Phishing . However, in this case, Pharming is more sophisticated, it can generate a wider network and affect more users in a short period of time. This could put an entire company in check.
If we compare it with Phishing we can say that Pharming has a different modus operandi. It is also more difficult to detect , since it is not simply a fake link that we have received. They could attack, for example, a DNS server to divert traffic from the legitimate website to one controlled by the attackers.
The victim would not know how to recognize, at least first, that he is facing a false page. This puts personal data and information at risk.
Pharming types
We can say that there are basically two types of Pharming: the one based on malware and DNS poisoning.
When we talk about malware-based Pharming, we refer to the one that will need malicious software, such as a Trojan, to achieve its objective. This can come through an attachment or a malicious program that we are using, for example. This could attack the host file on our computer and redirect traffic from legitimate pages to malicious sites.
We already know that the host file is something like an agenda where all the addresses that we are going to visit are stored. They are the host names of those websites and their corresponding IP addresses. What it does is manage the names we put in and it takes us to the corresponding page. That is what could be modified through malware and the victim ends up in a site that does not correspond to what they expected.
We also have DNS poisoning Pharming . What the hacker does in this case is attack DNS servers. A DNS server is like a telephone book with the domain names and the corresponding IP address of each of them.
In case they detect vulnerabilities, they could access a DNS server and poison the cache, entering false DNS entries. In this way, they manage to redirect the victims’ traffic to a site controlled by them.
How to protect ourselves from Pharming attacks
We can take into account certain tips and recommendations to protect ourselves from Pharming attacks and avoid being victims. Let’s see which are the main ones that we can put into practice.
Use security programs
Without a doubt, something basic that we must always take into account is the importance of having security programs . A good antivirus can help us avoid the entry of malware that could affect our security.
There are many programs that we have at our disposal. This is something that we must apply regardless of the type of device or operating system that we are using at the time.
Keeping equipment updated
We have seen that sometimes hackers to carry out Pharming attacks rely on vulnerabilities in computers. Therefore, we must always keep the systems and all the tools that we are using updated with the latest versions.
On the one hand we are going to achieve better performance, since we will have the improvements that come with the new versions . But we will also correct those security flaws that could affect us.
Check that the site is encrypted
When we enter any web page, and before entering any personal data, we must verify that the site is correctly encrypted . Generally the fake pages that are used to steal information are not encrypted and it can be an indicative sign of the problem we are facing.
Protect accounts online
Of course we must also always protect our accounts and records on the Internet. This, among other things, means that we must use passwords that are strong and complex. They must be unique keys, that we are not using anywhere else, and that they have letters (upper and lower case), numbers and other special symbols. All this in a random way.
Additionally, we can create an extra security barrier if we activate two-step authentication. This is something that is increasingly present in the different services that are in the network.
Analyze the website
We must also analyze the website we have entered. Check aspects such as possible spelling errors or abnormal changes that we can see. In this way we can discover possible Pharming attacks by seeing that this website does not look as it should.
Common sense
Finally, although in many cases the most important thing, common sense . We have commented that malware-based Pharming attacks can arrive through an email with a malicious file attached, for example.
We must therefore always keep common sense in mind. We must avoid mistakes that could compromise us and damage privacy and security.