WHAT IS PHARMING??
by Gaurav Gupta
The Pharming is another technique of phishing linked to phishing, but with important differences. The Pharming consists in that an attacker manages to alter the DNS server (Domain Name System, the server in charge of “translating” the IP addresses of the websites to domains .com, .net, etc.) that you use to redirect to malicious web pages, from where they can steal your data.
For example, imagine that the attacker can infect your computer with a Trojan or other malware, and change the Windows hosts file (which performs the DNS functions), causing you to enter, for example, Gmail, You are redirected to a malicious site that mimics your design, and where you have to enter your account data (as you normally would when entering Gmail) to continue. The end is the same as Phishing: after identifying you will be sent to an error page indicating that the process has not been completed, or in some cases, you will be redirected to the actual page, not to cause suspicion, but your data will already have been stolen.
Pharming is even more dangerous than Phishing, because if it was done with malware support, after the first attack, the attacker keeps track of your DNS , so you could do many more attacks . In addition, the user is more unprotected, because unlike Phishing,
How to protect yourself?
As Phishing is not an attack made directly to your computer, protecting yourself from this is not really complicated, you just need to learn how to distinguish phishing emails and not click on their links:
How to identify a Phishing message:
Checks the sender field. Most phishers use e-mail addresses similar to those of real companies, but not the same (for example, firstname.lastname@example.org instead of email@example.com). However, it is relatively easy to send a phishing email from a real email address (this is called e-mail spoofing), so it should not be the only method you use to protect yourself.
Check the recipient field. If the message of the alleged company has more recipients than you, then it is false. All large companies automatically perform custom messages, so there should only be one recipient; although again, do not rely solely on this method, since the list of recipients is easily hidden by simply dialing “CCO” before sending the message.
The body of the message includes generic content (for example, it starts with “Dear user”), as I mentioned , the vast majority of companies and web pages use systems to send personalized messages automatically , so in case you are Registered, they will write you by mentioning your name. In some cases, the message body also includes misspellings.
And the most common: the link mentioned in the body of the message does not match the link that opens the browser. Always verify that the address bar indicates the legitimate URL of the website you are trying to access.
Finally, keep in mind this: No institution or company will ask you to enter personal information by means of an e-mail. Any message you receive asking for this is a Phishing attempt.