What is a Pharming Attack? - Definition & Examples

Instructor: Lyna Griffin

Lyna has tutored undergraduate Information Management Systems and Database Development. She has a Bachelor's degree in Electrical Engineering and a Masters degree in Information Technology.

In this lesson, you'll learn about pharming attacks and the various activities that hackers engage in to make the attack successful, as well as examples of vulnerabilities in computer systems that hackers exploit. Updated: 11/06/2020

What is a Pharming Attack?

Over the years, humanity has technologically advanced from one level to the next. This is also true in the world of cyber crime. As the techniques cyber criminals use to carry out their treacherous acts are discovered and exposed, they advance to new techniques. Pharming attacks are a typical example. Pharming is a more advanced technique than phishing, but still geared toward stealing a victim's personal information.

What is Pharming?

Phishing lures victims through fictitious emails to get them to visit bogus sites and reveal their sensitive information. Pharming is actually a type of phishing but with the absence of 'the lure'. It involves a hacker infiltrating a computer system and installing malicious code that causes website traffic from the system to be redirected to bogus sites developed by the hacker. This is done without the victim's knowledge or consent.

Many websites require the user's personal information. Private and personal information entered into these bogus sites is then captured by the hacker. As such, customers of banks, financial, and online payment services with any form of monetary exchange are the most highly targeted.

Pharming attacks are two-fold. They deceive the computer system in use, as well as the victim using it. It deceives the computer system by changing the correct IP address information stored on the computer into different numbers that direct the traffic of the user to undesirable websites. In the case of the victims, because they type in the correct URLs to legitimate websites as opposed to clicking a link in a suspicious email, they are confident that the web pages presented to them are authentic.

How Does Pharming Work?

One of the techniques used in carrying out a pharming attack is the corruption of the DNS services on the computer system by malicious code known as DNS cache poisoning.

A Simple Example

We all know how important a contact list is on our cell phones. The contact list allows us to save our friends' numbers for easy future reference. We look up the friend's name and click the call command. The cell phone uses the number and the associated network technology to reach your friend's phone. A connection is established and your friend is soon at the other end of the line.

Let's say you want to call your friend Jacob. He is in your contact list. But, suppose your buddy plays a prank on you. He accesses the contact list on your cell phone and changes Jacob's number to that of the local undertaker (infiltrates and corrupts your phone book) while maintaining the same name of the contact. You pick up your phone with confidence to call Jacob. Your friend's prank has in effect redirected your calls intended for Jacob to the funeral home. So, whenever you call Jacob the phone dials the number saved in the contact list for him, but it is actually the undertaker. Your contact list has been corrupted!

Processing a URL Request

A URL inputted into a computer browser is similar to a cell number dialed on a cell phone. A computer system connected to the internet keeps a DNS cache (directory of web pages and the IP addresses visited by the user), which stores IP addresses for easier future reference. In the same way that our cell phones communicate with each other via telephone numbers, computer networks communicate with websites via IP addresses.

To unlock this lesson you must be a Study.com Member.
Create your account

Register to view this lesson

Are you a student or a teacher?

Unlock Your Education

See for yourself why 30 million people use Study.com

Become a Study.com member and start learning now.
Become a Member  Back
What teachers are saying about Study.com
Try it now
Create an account to start this course today
Used by over 30 million students worldwide
Create an account