Let's explain to you what is the pharming, a type of cyber scam similar to phishing, and with which an attacker can steal confidential information from you through identity theft. Specifically, this attack manipulates website traffic in a way that is not always easy to notice.

Since the best way to avoid this type of deception is to know them in order to identify them, we will start by explaining what it is about. And then, we'll finish by telling you how you can protect yourself from this type of scam.

What is pharming

The term pharming combines the terms phishing and farming, which mean to fish and farm. This is a scam similar to phishing, in which a cybercriminal will redirect you to a spoofed page when you want to enter a specific legitimate business, and it will use forms for you to fill out and provide your personal data.

In phishing, the attacker sends you an email with a false web address so that you click on it and go to the falsified page. Pharming is a little more different, as it does not use baits of this type. Instead, when you type the address of a legitimate website To enter it, you are redirected to a fake one that looks like the real one.

Once you are on the spoofed page, the attacker will use forms and other elements to steal login passwords, personal data, and even financial data such as your card number and security code. With this they can steal everything from Internet accounts to money from your bank account.

How pharming works

Pharming is a type of attack that is done in two steps. First of all, it sends you a malicious code in an email, and when you open it it will install a virus or a Trojan inside your computer. This is a similar part to how phishing works.

This malicious code, what it will do is change the hosts file on your computer. This is an internal file on all computers, which converts the sequences of letters with which you type a web address into the IP address of your server.

So that you understand it well, when you type Xataka.com in the browser, there are a series of internal technologies that convert that Xataka.com into an IP address, which is the real address of our server with which you access our content. So, with this type of virus that modifies these internal technologies, when you type Xataka.com you can end up going to the fake website.

In addition to this, cybercriminals can also attack and modify the DNS table of a server. If you choose this option, They don't even need to install anythingThere will simply be several random users who, when they want to enter a legitimate website, are redirected to the fake one. This method is more difficult, it is easier to trick you into installing malware than it is to hack a company's DNS, although the second method allows them to get more victims.

In the second part of this attack, cyber scammers will have a spoofed website that is identical to the legitimate one you are trying to access. And on this page, they will add the necessary input or registration fields for you to enter your information without knowing that you are giving it to a scammer.

How to protect yourself against pharming

The most important thing when it comes to avoiding pharming is, first of all, hire a trusted Internet Service Provider (ISP). Come on, it needs to be a good provider that fixes suspicious redirects by default to prevent you from reaching a pharming page.

You must also use a trusted DNS. The normal thing is that you use your Internet provider's DNS, which is how your computer is configured by default when connecting it to your home network. But if you decide to change the DNS manually, make sure you use reputable and specialized services, and not random ones you find on the Internet.

Use addresses that begin with HTTPS, and try not to trust those that start only with HTTP. Although it may seem like an insignificant detail and both take you to web pages, those that use HTTPS have a security certificate. Here, today, pages that only use HTTP are usually automatically detected as dangerous, and it is normal that the majority have already updated to HTTPS, but it is always good to make sure and look in your address bar.

And just like in phishing, it is also important Do not open addresses or files that come from strangers, whether you find them online, get them via email, or appear in too-good-to-be-true ads. This is essential to avoid installing malware or going to fake pages.

It is also important check a website before writing your data. You should do this by default, see if there is anything different in its appearance, see if there are suddenly misspelled things, check that the URL is correct, or if there are new forms.

And finally, simply be careful when a new website is suspicious. Perhaps if you enter a website for the first time and are redirected to a fraudulent one, you will not be able to compare and distinguish differences, so be careful when providing your data. Especially with payment methods, and try not to write your card, but use services that act as a bridge, such as Paypal.

Cover image | pxhere.com

