Fraud Awareness Banner

Stay Alert for Pharming Fraud and

Protect Your Online Security

Stay Alert for Pharming Fraud and Protect Your Online Security


Pharming is a scam that cybercriminals use to install malicious code on personal computers or servers. As the name suggests, it comes from the words “farming” and “phishing”. It is another variant of phishing-related fraud using man-in-the-middle (MIM) attack and does not require you to click on any link. Here, the fraudster will insert themselves between the victim and a legitimate institution.

What is Pharming?

Pharming is a type of social engineering cyberattack in which criminals redirect internet users trying to reach a specific website to a different, fake site.

These “spoofed” sites aim to capture a victim’s personally identifiable information (PII) and login credentials (such as passwords, credit card numbers social security numbers, account numbers etc.) or attempt to install pharming malware on their computer.

Pharmers often target websites in the financial sector, including banks, online payment platforms, or e-commerce sites, usually with identity theft and financial misuse as their ultimate malicious objective.

How does it work?

There are several ways in which pharming can be carried out. Here are some common methods:

DNS Spoofing / Poisoning: DNS stands for “Domain Name System” and is responsible for translating human readable domain names into IP addresses that computers can understand – pharmers modify the DNS table in a server for a legitimate website and replaces them with their own IP address, causing multiple users to visit the fake website instead of the legitimate one.

Malware: A hacker may send malicious code in an email which installs a virus or Trojan on a user's computer. This malicious code changes the computer’s hosts file to direct traffic away from its intended website and redirected toward a fake website instead.

Man-in-the-Middle (MITM) attacks: In a MITM attack, the attacker intercepts the victim's traffic and redirects it to a fake site using various techniques such as Address Resolution Protocol (ARP) Spoofing and SSL stripping.

How to protect yourself from such attacks?

  • Always use a trusted and verified Internet Service Provider (ISP) & VPN service that has reputable DNS servers.
  • Make sure that your web connections (web address should have https with lock icon) are secure.
  • Enable two-factor authentication (2FA) on sites wherever available.
  • Change default password on your routers & wireless access points.
  • Be cautious of links and attachments in emails and other messages, especially from unknown senders.
  • Use antivirus and anti-malware software on your device and keep them up-to-date.