Pharming is a cyberattack that secretly redirects users from legitimate websites to fake copies, typically through malware or by tampering with internet systems. A pharming attack redirects a user to a fake copy of a legitimate website using malware or a DNS spoof.
What makes pharming especially dangerous is that it can target users without requiring any action on their part. Unlike other cyberattacks that rely on users clicking malicious links or downloading infected files, pharming works invisibly in the background. Users can type in the correct website address and follow all the proper security practices, yet still end up on a fraudulent site due to compromised DNS systems or malware already on their device.
Types of Pharming Attacks
DNS-Based Pharming: Attackers tamper with DNS records on a DNS server to redirect large numbers of users to a malicious site. This can affect anyone who uses the compromised DNS server.
Host File Poisoning: Malware modifies the local host file on a victim's device to redirect specific domain names to malicious IP addresses.
How to Protect Yourself
The most effective defense against pharming combines technical safeguards with user awareness, creating a security posture that can adapt to evolving threats. Key protective measures include:
Create strong, unique passwords for all your accounts, especially your router and DNS settings. A password manager is particularly valuable because it will not automatically fill in your login details if you are redirected to a fake website.
Add multi-factor authentication wherever possible to create another barrier that makes it much harder for criminals to access your accounts, even if they steal your password through a pharming attack.
Keep your anti-malware software updated since some pharming attacks rely on malware that manipulates your computer's DNS settings locally.
Consider upgrading to a more secure DNS service that includes built-in protections against domain spoofing and malicious redirects.
Avoid connecting to public or free Wi-Fi networks, as attackers can more easily intercept and redirect your web traffic. A VPN adds encryption that makes it much harder for criminals to manipulate your internet connection.