According to the wiki: “The word pharming derives from the term farm (farm in English) and is related to the term phishing, used to name the social engineering technique that, by spoofing emails or web pages, attempts to obtain confidential information from users, from credit card numbers to passwords.”
Basically it is a type of attack whose objective is to redirect web traffic from a legitimate or trusted site to another false one controlled by the attacker. It is a computer scam much more sophisticated than others that exist and, therefore, much more dangerous.
When the cybercriminal takes control of the DNS server to which the victim accesses to make his queries, the DNS will direct the victim to a website with the same address that he entered and of identical appearance, created by the cyber-fraudster to collect the data once it has been entered, usually bank details, accounts, card numbers, passwords, etc. For the victim there will be no difference, on their screen they will see the real address of the website they typed, but in reality, they were redirected to a fraudulent site.
It is very similar to phishing since the result is the same, but they work differently, in phishing the user or victim must enter the website through a link and would access the identical website to which they wanted to enter, but in the pharming This link is not necessary since the cyber-criminal controls the DNS and the victim will directly enter the website created by the scammer.
There are two types of Pharming, one in which the DNS servers are directly attacked, so all users would be affected, or attacking specific computers by modifying the “host” file that is present on any computer with the Windows operating system or Linux.
How to protect ourselves against Pharming attacks?
Check URL addresses for errors, when you access a website, you should wait for it to load completely to check at a glance if it contains any errors. Pharmers can disguise their sites with spelling errors, such as rearranged letters or substitutions.
Look for URLs that begin with HTTPS, this will tell you that the data traffic between you and this address is secure and will be encrypted. Above all, you have to pay attention to this when you are going to carry out any type of economic transaction.
Keep your system and antivirus updated and rely on its alerts when you are browsing.
Use strong passwords with symbols, characters and even two-factor authentication, as it is an additional layer of security and one that we can already have in almost all applications that use personal data or carry out money movements.
And finally, and as I always say, have common sense, it is the best antivirus, we must stay away from suspicious websites or offers that direct you to third-party pages to make your payment, no matter how incredible the offer may seem, if not There is a secure payment platform, run away.
