Leave it to cybercriminals to find yet another way to steal your personal and company credentials and private information. It’s called pharming, and if you’re like most business leaders or IT professionals, you may not have heard of it.
Here’s how it works: instead of relying on a user to click on a malicious link in an email, pharming uses malware to redirect the victim's web traffic to spoofed websites.
Even if the malware doesn't work correctly, it can still cause headaches. This is because cybercriminals often don't test their software extensively. When the malware has bugs, it can cause a user's computer to shut down, restart randomly on its own, show Blue Screens of Death, or suffer other interruptions.
Also known as DNS changer malware, pharming malware is a piece of software installed on a victim's computer to redirect their web traffic to attacker-controlled websites.
For example, if a user has this malware installed and tries to navigate to their regular banking website, the software intercepts the request and sends the victim to a website that looks very similar, if not identical, to the real one.
The user then enters their credentials, only to have them stolen by the criminal. Unfortunately, the average person usually does not look at the browser address bar and rarely notices the subtle change. The same tactic is used with search engine websites, and the results are redirected to ads or phishing websites.
The Domain Name System, or DNS, is a service that converts human-readable domain names into their respective IP addresses. For example, when a user types the address www.google.com into the browser's address bar, DNS looks up the IP address for that name, and the Internet uses that IP address to route the traffic. Specific servers around the world are responsible for hosting tables of these addresses, and home computers will cache frequently used ones for faster load times.
DNS poisoning occurs when a threat actor goes after these hosting servers to intercept web traffic on a much larger scale and redirect it to an attacker-controlled site.
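For the local, DNS-changer case described above (not server-side poisoning), a defender can audit where a machine's name resolution is configured. The following is an added example, not code from the original article: it checks resolv.conf-style resolver settings against an approved list and flags hosts-file entries that pin a watched domain to an IP address. The approved resolver list, the watched domains, and all sample data are constructed assumptions.

```python
import ipaddress

# Constructed sample inputs for illustration (not captured from a real host).
SAMPLE_RESOLV_CONF = """\
nameserver 192.0.2.53
nameserver 203.0.113.77
options edns0
"""
SAMPLE_HOSTS = """\
127.0.0.1      localhost
198.51.100.23  www.examplebank.test examplebank.test  # constructed entry
10.0.0.5       intranet.corp.test
"""

def _fields(line):
    """Split a config line into fields, dropping any trailing # comment."""
    return line.split("#", 1)[0].split()

def unapproved_resolvers(resolv_text, approved):
    """Return configured nameservers that are not on the approved list."""
    allowed = {ipaddress.ip_address(a) for a in approved}
    flagged = []
    for line in resolv_text.splitlines():
        f = _fields(line)
        if len(f) < 2 or f[0] != "nameserver":
            continue
        try:
            ok = ipaddress.ip_address(f[1]) in allowed
        except ValueError:
            ok = False  # unparseable resolver address: report it
        if not ok:
            flagged.append(f[1])
    return flagged

def hosts_overrides(hosts_text, watched):
    """Return (name, ip) pairs that pin a watched domain to a non-loopback IP."""
    findings = []
    for line in hosts_text.splitlines():
        f = _fields(line)
        try:
            ip = ipaddress.ip_address(f[0]) if len(f) >= 2 else None
        except ValueError:
            ip = None
        if ip is None or ip.is_loopback:
            continue
        for name in (n.lower().rstrip(".") for n in f[1:]):
            if any(name == w or name.endswith("." + w) for w in watched):
                findings.append((name, str(ip)))
    return findings
```

On a Linux host the same functions can be fed the contents of /etc/resolv.conf and /etc/hosts; a flagged entry is a prompt for investigation, since administrators sometimes set such overrides on purpose.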
The methods for pharming prevention are very similar to those of all other kinds of malicious activity: