Pharming is a scamming technique in which attackers redirect traffic of a legitimate website to another fraudulent website with the purpose of spreading malware or stealing sensitive data from victims.
It looks a bit like this. Let’s say you type in Facebook in the URL bar. You think when you you’re going to land on the official Facebook page, but in reality, scammers have found a techy way to send you to a fake website.
This fake website will look exactly the same as Facebook. Unless you're looking for it, spotting a fake website is incredibly hard.
The scammer will be able to see EVERYTHING you’re doing on this fake website page. When you enter your email and password, they can see it and note it. They’ll have that information on you. Now imagine how much damage they could do if they trick you into ‘signing in’ to your bank, using a fake page.
The scammer would have your name, and bank details. They could literally then just sign into your real account as you, and empty your account.
How they do this is quite technical and they use several techniques to make it possible, such as DNS Cache Poisoning or compromising a host to make it possible.
The best way to avoid getting pharmed is to always make sure you have a good antivirus or anti-malware installed and that it is updated regularly. These should be able to detect an edit to your computer’s address cache file and alert you before any damage is done.
Even without antivirus (or if your antivirus doesn’t spot it), you can stop a pharming attack by knowing what to look for.
When you go onto a popular website, in the URL, you should see a padlock in the address bar and ‘HTTPS’ at the start of the URL. This means the website has been validated by an authoritative third party to be what it claims to be. You should really avoid entering personal details, or buying anything on a website that doesn’t have this lock.
If you have been redirected to a fake account, this lock shouldn’t be there, and when logging into a popular site, make sure the HTTPS certificate is present. If you’ve noticed that the certificate has suddenly gone missing while you’re browsing a website - run a mile!
There are also a couple of other things you can look out for. The URL might have an incorrect spelling, or have random letters or numbers before or after it. Also, while scammers do a good job at making a fake website look real, the graphics might not be hi-res and the layout might be slightly off.