What is Pharming?
Pharming is a digital attack method used by malicious Internet users in order to redirect the traffic of a legitimate website towards a misleading one with the purpose of tricking web surfers into divulging credentials such as usernames, passwords and private information that would be otherwise required to be inserted in the original version of the website.
This type of attack is usually conducted using maliciously modified hosts file that permits local DNS manipulations or via exploits that benefit from certain vulnerabilities and allow DNS injections in order to facilitate this type of attack. Due to the fact that DNS servers are computers responsible for translating human-readable domain names into their respective IP addresses, any manipulation of such entries can result in critical effects for a wide range of Internet users.
Due to the fact that antivirus software and anti-spyware software cannot protect against pharming attacks, more complex security measures are used in order to prevent this type of attack from impacting the security and privacy of individual computers or large scale corporate networks.
As malicious domain name resolution attacks implemented on large scale DNS server nodes are hard to establish, pharming attacks have proven more efficient and successful near the end-points of the Internet security chain, respectively on desktop computers that receive poor administration and scarce security maintenance. For this reason, the simple modification of a local hosts file conducted by malicious software that has been previously installed on the computer may result in a fraudulent copy of a website being displayed every time the user tries to access it.
Due to the fact that Pharming attacks can lead to loss of private data and privacy it is recommended to always act caution when visiting websites that provide access to private email, private banking or social security information due to the fact that digital criminals using Pharming attacks will most often look for this type of information at first since it can provide access to further private data.