Pharming
a cyber scam where malicious code redirects a user to a fake website without their knowledge
can lead to personal data loss
Strategies to avoid becoming a victim of pharming
Avoid clicking links and attachments from unknown senders
Use a reliable DNS server
redirecting a victim to a fraudulent website to steal their valuable personal information.
identity theft
Avoid suspicious-looking websites generally
Avoid deals that appear too good to be true
Enable two-factor authentication where possible
a victim of pharming
If you think you have already fallen victim to pharming malware or a pharming attack
PayPal or credit or debit card charges that you do not recognize
Posts or messages on your social media that you did not post
Friend or connection requests from your social media that you did not send
Changed passwords in any of your online accounts
New programs appearing on your device which you did not download or install
Clear your DNS cache
Run your antivirus program to remove and malware make sure your device is secure
Contact your ISP if you believe your server has been compromised
Change the password for all your online accounts
Follow the fraud reporting procedures for your online banking, email, and social media platforms as applicable
examples
redirecting users to another website when a search engine is entered into the browser. The attacker uses a malicious search engine to redirect users to ad sites or a specific phishing website. This can be done by hijacking browser resources or detecting when users navigate to a particular financial site.
If a user would open their browser and enter the web address of their bank in order to complete a transaction in online banking. However, the user is redirected to a fraudulent site that looks like the bank’s website. For this reason, it doesn’t seem suspicious – the user doesn’t check the address line and proceeds to enter their login data. An error message appears. The user is briefly surprised by the message, but puts it down to technical problems and tries to make the bank transfer later. Nonetheless, the attackers were able to capture the user’s login data from their entries. They can now use this data to gain access to the user’s account and send themselves large sums of money. The user only discovers the attack a few days later when they check their account statement and see the unfamiliar transfer.
pharming malware and DNS poisoning