According to SANS, pharming is a sophisticated technique that allows automatically re-directing a user to a malicious site. Pharming (“farming” + “phishing”) is a kind of social engineering cyber attack in which criminals redirect internet users trying to reach a specific website to a different, fake site. By directing internet users to the bogus site, which may be nearly identical to the legitimate site it’s mimicking, criminals hope to obtain personally identifiable information (PII) and login credentials, such as passwords, social security numbers, account numbers, etc.
Pharming typically works by installing malicious code on either a user’s machine or a DNS server, which then misdirects users to fraudulent websites without their knowledge or consent. The first method works on an individual level. It alters the hosts file on a victim’s computer, which causes internet traffic from that computer to go to a fake website instead of the desired one. The second works on a broader level by poisoning a DNS server to redirect multiple users to the fake site. The thing that makes pharming scary is that you can have a complete infection-free computer and still get redirected to a bad site because of a poisoned DNS server. Manually entering the URL of the website you want to visit won’t help either; the redirect will happen at the internet traffic level, not on your computer.
ASI provides anti-phishing services and research, multifactor authentication and anomaly transaction detection. We deliver an integrated and comprehensive approach to multichannel fraud prevention and works in alliance with industry leaders in other security disciplines supporting a wide range of heterogeneous platforms. Our cyber security solutions provide accurate identi¬fication of devices with unprecedented accuracy while protecting users by monitoring transaction behavior for activity associated with fraudulent activity. Working closely with the leading security establishments and a robust ethical hacking community, ASI continuously collects and exercises the latest methods used in the cyber arena.
If you have questions or comments, please use this form to reach us, and you will receive a response within one business day. Your can also call us directly at any of our global offices.