We’d like to think companies that have access to our most sensitive information also have the technology measures in place to keep it safe. For the most part, that’s true: if you do any online shopping or banking, most legitimate companies implement the latest tools to ensure information that is sent and received will not get in the hands of malicious sources.
However, thieves and hackers are getting smarter. Instead of hacking into a major company’s website and stealing your information—not something the average hacker can easily do—they’ll grab your data by another tactic known as pharming.
What is pharming?
Pharming, which is a mashup of the words “farming” and “phishing,” is a type of illegal activity similar to phishing in that a cyber thief manipulates website traffic to a fake website to steal confidential information.
Whereas phishing tries to get someone to visit a fake website through emails, pharming infiltrates a computer system and installs malicious code which redirects traffic intended toward the legitimate website to instead go to a spoofed one, leaving the user none the wiser.
Websites that typically fall victim to pharming include banks, financial services companies and online shopping portals. That’s because these places often require you to enter your personally identifiable information, or PII. The hacker uses the information from these fake websites against you—by accessing your account or committing other types of identity theft.
The scariest aspect of pharming? Your computer can be free of viruses yet it could still direct you to a fake website because hackers now have the capability of infecting the DNS server of the legitimate website. Your computer or smartphone virus software may not pick up on the fact that you’re about to visit a bogus site.
According to the FBI’s Internet Crime Complaint Center (IC3), a 2018 report shows that financial losses from pharming attacks totaled $48,241,748, more than twice the amount reported in 2017, which was $29,703,421.
How does a pharming attack work?
Let’s say you have two email addresses and no longer use one. Instead of shutting down one of the two accounts, you can forward messages from your old email account to your new one without your contacts ever knowing.
That’s similar to how pharming works.
“An attacker uses DNS poisoning, which means they can gain access to a website’s DNS server and modify their entries so that it redirects you to their fake website,” said Omer Kaan Aslim, president of cybersecurity services provider Desired Outcomes. “Once you’re on their website, the hacker then hopes that the victim types in their bank account details.”
If you enter your payment information and shipping address on the fake website, the information gets sent to the hacker who can then use your credit card to make fraudulent purchases.
How can I protect myself from pharming attacks?
Being vigilant is the best way to reduce the chances of being a victim of a pharming attack.
- Check the address bar to determine if the URL is spelled correctly, for example, it’s Microsoft.com and not Microesoft.com. “This can prevent most pharmining attempts,” said Aslim.
- Look to see you if you are actually navigating to a website. Check the address bar in your browser—it should say “https://” before the URL and display a padlock icon. This indicates the website is difficult to spoof and will encrypt your information. Most safe browsers also warn you when visiting unsecure websites.
- Run frequent malware and antivirus scans. This ensures hackers haven’t modified or accessed your computer.
- Monitor your identity regularly to see if any of your PII may have wound up on the dark web.
- Consider using a reverse email search to try to uncover who may be behind any suspicious emails you receive after shopping online or doing online banking.