Skip to Main Content

Pharming: How to protect yourself from internet scams

Simply getting yourself something, using banking and government services online, streaming content: Few of us can imagine life without the internet as it allows us to arrange our everyday lives exactly how we want.

However, digital progress brings with it an increase in online scams — and cybercriminals’ tricks are becoming increasingly sophisticated. Pharming is one such method where you don’t even have to fall for a fake email.

Read on to learn what pharming is, what tricks hackers use, and how you can protect yourself and your online privacy from internet scams.

What is pharming and how can you protect yourself?

The term pharming is a mash up of the words “phishing” and “farming”.

You’ve probably heard about phishing as a form of online scam because you’re regularly warned about it. It’s a collective term for attempts by hackers to get hold of your personal data via spam emails, direct messages, or bogus websites — something you can protect yourself from with a little healthy distrust and a keen eye. That said, with pharming — which is very similar to phishing — the situation is different, unfortunately.

Pharming is a scam where cybercriminals install malware on your PC or a server, causing you to be redirected to spoof websites without you even realizing it. That’s why pharming is also referred to as phishing but without the lure.

Unlike phishing, pharming — as a really insidious form of cyberthreat — starts with the fundamentals of internet traffic. That’s because hackers specifically manipulate what are know as DNS (domain name system) requests — something we’ll look at in more detail below.

A reputable antivirus program can help you strengthen your protection against a virus or malware attack. And it doesn’t even have to cost you a cent, as even the free version of the proven solution Avira Free Antivirus can help you improve your PC, laptop, smartphone, or tablet’s protection against a malware attack. Plus, with Avira Free Antivirus you get a lightweight antivirus program that won’t sap your device’s resources — and it can factor in performance and privacy considerations when scanning your system.

At the end of this post, we provide additional tips on how you can protect your laptop, PC, smartphone, or tablet from a pharming attack.

Different pharming methods

Cybercriminals employ two types of pharming method: Malware-based and DNS server-based attacks. In both cases, they target the internet’s cataloging method.

In plain English: Every website and every internet user is assigned a unique IP (internet protocol) address — which is nothing else than a uniquely assigned sequence of numerical values that could be 123.45.678.90, for example.

When you enter a website address in your browser, a DNS server automatically translates it into an IP address — precisely where cybercriminals start their pharming attacks.

Malware-based pharming

In a malware-based pharming attack, hackers succeed in installing malware on your device, which can access the DNS cache and change its settings.

To speed up the translation process from the website name to an IP address, most internet browsers store the data in the cache temporarily. So instead of contacting an external DNS server and looking for the matching IP address, the information is stored on your computer. This storage process is known as DNS caching.

Malware-based pharming targets the DNS cache and is particularly problematic because you’re entering a correct website address. If your device is infected with malware that aims to conduct a malware-based pharming attack, a very well camouflaged redirect takes place: The installed malware modifies your computer’s local hosts files and DNS cache, which is why the legitimate domain you’re accessing is translated into an IP address that takes you to a bogus website.

The super sly thing about it is that such fake websites usually look amazingly similar to the real thing, so we don’t even doubt its legitimacy even for a second. Any information you enter into such a compromised website, such as account details, ends up going straight into the hackers’ hands, which they can then use to commit fraud or online identity theft.

DNS server-based pharming

In the case of DNS server-based attacks, cybercriminals attack the DNS server itself without having to access individual computers.

An infected DNS server will redirect you to a fake IP address, even if your computer is not infected with related malware. These types of attack are not tied to individual DNS caches, as it is the server itself that is “poisoned” — redirecting you to a fake website even if you enter the correct address (URL).

Many website operators and large companies invest heavily in sophisticated anti-pharming measures due to the magnitude of the potential threats posed by DNS server-based pharming.

What’s the difference between pharming and phishing?

Pharming is definitely a more sophisticated form of phishing. In both cases, cybercriminals aim to gain access to sensitive user data to then cause you considerable financial and/or personal damage with the stolen access information.

But there are also differences between pharming and phishing.

With phishing, you’re the one who, for instance, clicks a link sent by email or downloads a zip file that contains the relevant malware — because you don’t doubt for an instant that the sender’s trustworthy.

This is exactly what pharming doesn’t require, which is why this form of online scam is so sneaky. When it comes to pharming, cybercriminals don’t even need you to click any sort of link.

For example, if you’ve unknowingly become a victim of malware-based pharming, you always end up on fake websites located on online scammers’ (pharmers’) servers. Unlike phishing, which is typically a one-off event, pharming is a scam that’s always lying in wait.

How to protect yourself and avoid pharming attacks

You might assume that you can’t protect yourself from pharming attacks at all, but fortunately that’s only partially true. That’s because there are some measures you can take to avoid pharming attacks:

  1. Be wary of emails that ask you to take action such as entering information. No bank or government agency would ever ask you to do that. Simply taking a look at the email address details is often enough to tell that the sender address is different from the one it purports to be.
  2. Never open any file attachments (such as zip files) if you don’t know the sender.
  3. Be suspicious of unusual wording and grammatical errors, odd formatting, different font sizes, inappropriate images, and the like.
  4. Websites that don’t have “https” in the address line don’t meet current security standards. Even if your internet browser allows you to open this website regardless, it’s best not to visit the website in the first place.
  5. Change your router’s default password.
  6. Turn on the firewall on your devices.

Additionally, you can get tools to help you avoid pharming attacks.

Among them, any device you use to surf the internet — be it a PC, laptop, smartphone, or tablet — should have a proven antivirus solution installed on it, like Avira Free Antivirus as mentioned.

Use a VPN (short for virtual private network) with a reputable DNS server. It comes into its own, especially on public Wi-Fi hotspots, as such a tool can encrypt your data traffic and also prevent your own IP address from being visible. Avira Phantom VPN, for instance, helps you strengthen the protection of your online activities and surf in privacy.

Avira VPN
Strengthen the protection of your online activities and surf in privacy with Avira Phantom VPN.

Top tip: Avira Antivirus Pro and Avira Prime include a suite of tools to help you improve your devices’ security and performance as well as your privacy — and in addition to a tried-and-tested virus protection solution, they also include a VPN.

Avira Antivirus Pro with built-in VPN
Avira Antivirus Pro includes an antivirus solution as well as a VPN.

This post is also available in: GermanFrenchItalian

Avira, a company with over 100 million customers and more than 500 employees, is a worldwide leading supplier of self-developed security solutions for professional and private use. With more than 25 years of experience, the company is a pioneer in its field.