Phishing and Pharming: All You Need to Know

Technology keeps advancing, and so do the criminals who abuse it to exploit unwary users. Attackers keep refining their techniques to get past current security controls and to steal money and data.

Phishing and pharming are two major types of cyber attack that trick people into handing over personal information. Both go after the same data, but they work differently.


What is Phishing?


Phishing is a social engineering attack that most often uses email as its delivery channel. The attacker impersonates a legitimate source to trick the target into clicking a malicious link or opening a malicious attachment, with the aim of harvesting credentials or personal information.

 

Phishing is not limited to email. Attackers also phish through bogus web pages, over SMS (smishing) and over voice calls and voicemails (vishing). According to a report cited by Security Boulevard, 97% of users are unable to recognize a sophisticated phishing email.

 

In another report from The National News, 94% of UAE businesses experienced phishing attacks in a year. The same report also highlighted that 77% of email spoofing attack victims had money and valuable data stolen in the UAE, as compared to the global average of 73%.

 

Example of a Common Phishing Scam Attempt

  1. A spoofed email impersonating incometaxindiaefilling.org.in is sent to as many taxpayers as possible.
  2. The email claims that the recipient qualifies for a refund and must submit the tax refund request within 3 days.

If a user clicks the link to submit the request, several things can happen. Most often they are redirected to a bogus page that asks them to enter personal and banking details.

 

The attackers can then use that information for identity theft and other fraud, which often has far worse consequences than the original email. Alternatively, the link may deliver malware such as ransomware.

 

What is Pharming?


Pharming is a blend of the words “phishing” and “farming”. It refers to redirecting users to a fraudulent website without their knowledge or consent, typically by tampering with name resolution so that a correctly typed domain name leads to the attacker’s server.

 

For example, an employee routinely logging into a payroll account may be redirected to a forged website instead. And, if the fraudulent website looks legitimate enough, the victim may end up getting tricked.

 

The motive behind phishing and pharming is the same; the techniques differ. Pharming is a two-step procedure.

 

First, the attacker tampers with name resolution, either by planting malware on the victim’s computer that edits its hosts file or DNS settings, or by corrupting the DNS server the victim relies on. Second, when the victim types the legitimate address, the tampered lookup sends them to a fraudulent copy of the site that asks for their credentials or personal information.

 

To understand how pharming works, one must understand what Domain Name System (DNS) servers do. Whenever a user enters a domain name, a DNS resolver translates that name into an IP address, and it is that IP address the browser actually connects to.

 

Resolvers and operating systems cache these answers so the lookup does not have to be repeated on every visit. Pharming corrupts this resolution step: by poisoning a resolver’s cache, altering the records a DNS server hands out, or overriding the lookup locally through the hosts file, the attacker makes the real domain name resolve to their own server. Because the address bar shows the correct name, users assume the bogus site is legitimate and submit their information. An unexpected certificate warning on a site that normally has none is one of the few visible signs.
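The local variant of this tampering, the hosts file override described in the two-step procedure above, is the easiest to audit. The script below is an added example for this article, not code from the page’s author: it parses a hosts file, ignores the normal loopback and sinkhole entries, and flags every name that has been pointed at a routable address, with a separate flag for a hypothetical watchlist of domains (bank, payroll) that must never be overridden. The sample hosts file and the watchlist are constructed for the example.

```python
"""Audit a hosts file for the local redirections pharming malware plants.

Added example for this article, not the page's own code. Runs offline against a
constructed sample; on a real machine pass the path of /etc/hosts (Linux, macOS)
or C:\\Windows\\System32\\drivers\\etc\\hosts as the first argument.
"""
import ipaddress
import sys

# Constructed sample of a tampered hosts file (not taken from a real system).
SAMPLE_HOSTS = """\
127.0.0.1       localhost
::1             localhost ip6-localhost
# Entries of the kind pharming malware adds: real names, attacker's address.
203.0.113.45    www.examplebank.com examplebank.com
203.0.113.45    payroll.example-corp.com
198.51.100.7    updates.vendor.example
# A sinkhole entry like this is a common, benign use of the hosts file.
0.0.0.0         ads.tracker.example
"""

# Hypothetical watchlist: domains whose resolution must never be overridden.
WATCHLIST = {"examplebank.com", "example-corp.com"}


def parse_hosts(text):
    """Yield (ip_address, hostname) pairs, skipping comments and blank lines."""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        fields = line.split()
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # malformed line, not an address
        for name in fields[1:]:
            yield addr, name.lower()


def registrable(name):
    """Crude registrable-domain guess: the last two labels (no public-suffix list)."""
    return ".".join(name.split(".")[-2:])


def audit_hosts(text, watchlist=WATCHLIST):
    """Return (hostname, ip, reason) findings for suspicious overrides."""
    findings = []
    for addr, name in parse_hosts(text):
        # Loopback (127.0.0.1, ::1) and sinkhole (0.0.0.0, ::) entries are normal.
        if addr.is_loopback or addr.is_unspecified:
            continue
        if registrable(name) in watchlist:
            findings.append((name, str(addr), "watchlisted domain overridden"))
        else:
            findings.append((name, str(addr), "routable override"))
    return findings


if __name__ == "__main__":
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8", errors="replace") as fh:
            text = fh.read()
    else:
        text = SAMPLE_HOSTS
    for name, ip, reason in audit_hosts(text):
        print(f"{reason}: {name} -> {ip}")
```

Any routable override deserves a look, because a hosts file on a managed workstation normally contains only loopback entries; the watchlist flag just makes the high-value cases stand out. A poisoned resolver cache cannot be seen from the hosts file, so pair this with a comparison of the answers your resolver returns against a second, independent resolver.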

 

How to Prevent Phishing and Pharming?

Several enterprises are implementing security protocols and taking steps to protect customers from phishers and pharmers. For example, in April 2020, the UAE Banks Federation launched a fraud awareness campaign to prevent digital banking service users from falling for scams. However, all it takes is one click for someone to fall for a scam.

 

These attacks are harmful and easy to fall for, but the basic precautions listed below considerably reduce the risk to you and your organization:

 

  • Look Out for URLs

Train your employees to read the address of the site they are on. The part that identifies the owner is the registrable domain, the label just before the public suffix (.com, .org, .edu, .net, .co.uk and so on): in www.google.com that is google.com, and everything to the left of it is a subdomain the owner of google.com controls.

By the same rule, www.google.ad.com is a site under ad.com that merely has “google” in a subdomain, and www.Goodle.com is a one-letter typo of the real name. Even a minor irregularity like this in the address is a hint of phishing or typosquatting. The reverse also matters: in a pharming attack the address bar shows the correct domain, so reading the URL will not catch it. An unexpected certificate warning, or a site that is suddenly served over plain HTTP when it normally uses HTTPS, is the better clue there.
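The checks above can be automated for the links in a mail gateway or a browser extension. The script below is an added example for this article, not code from the page’s author. It extracts the hostname from a URL, works out the registrable domain with a deliberately tiny stand-in for the Public Suffix List, and then distinguishes the cases just discussed: the brand appearing only as a subdomain of someone else’s domain (www.google.ad.com), a one-character typo (Goodle.com), and a homoglyph substitution such as a digit 1 for l or a Cyrillic о for o. The TRUSTED set, the suffix stub and the confusables table are hypothetical and much smaller than a real deployment would use.

```python
"""Classify the hostname in a link against the domains it pretends to be.

Added example for this article, not the page's own code. TRUSTED, the public
suffix stub and CONFUSABLES are hypothetical and deliberately small; a real
tool would load the Public Suffix List and the Unicode confusables table.
"""
from urllib.parse import urlsplit

# Domains the organisation actually owns or trusts (hypothetical).
TRUSTED = {"google.com", "examplebank.com"}

# Two-label public suffixes; real deployments load the full Public Suffix List.
TWO_LABEL_SUFFIXES = {"co.uk", "com.au", "co.in", "org.in", "gov.in"}

# Characters commonly swapped for Latin letters in lookalike domains.
CONFUSABLES = {
    "rn": "m", "vv": "w", "0": "o", "1": "l", "3": "e", "5": "s",
    "\u0430": "a", "\u0435": "e", "\u043e": "o",   # Cyrillic a, e, o
    "\u0440": "p", "\u0441": "c", "\u0456": "i",   # Cyrillic p, c, i
}


def registrable_domain(host):
    """Return the registrable part of a hostname: google.com from www.google.com."""
    labels = host.lower().rstrip(".").split(".")
    if len(labels) >= 3 and ".".join(labels[-2:]) in TWO_LABEL_SUFFIXES:
        return ".".join(labels[-3:])
    return ".".join(labels[-2:])


def skeleton(label):
    """Fold confusable characters to the Latin letters they imitate."""
    for fake, real in CONFUSABLES.items():
        label = label.replace(fake, real)
    return label


def levenshtein(a, b):
    """Edit distance, to catch one-character typos such as goodle/google."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def punycode(host):
    """Show how a browser encodes a non-ASCII hostname (xn-- labels)."""
    return host.encode("idna").decode("ascii")


def classify(url, trusted=TRUSTED):
    """Return (verdict, trusted domain involved) for the hostname in url."""
    host = (urlsplit(url).hostname or "").lower()
    if not host:
        return "no-host", ""
    reg = registrable_domain(host)
    if reg in trusted:
        return "trusted", reg
    # Labels to the left of the registrable domain, e.g. ["www", "google"]
    sub_labels = host.split(".")[: -len(reg.split("."))]
    for t in sorted(trusted):
        brand = t.split(".")[0]
        # www.google.ad.com or google.com.attacker.example: brand is only a subdomain
        if brand in sub_labels:
            return "brand-in-subdomain", t
    reg_name = reg.split(".")[0]
    for t in sorted(trusted):
        brand = t.split(".")[0]
        # goog1e.com, gооgle.com (Cyrillic o), goodle.com
        if skeleton(reg_name) == brand or levenshtein(reg_name, brand) <= 1:
            return "lookalike", t
    return "unknown", reg


if __name__ == "__main__":
    for sample in ("https://accounts.google.com/signin", "http://www.google.ad.com/login",
                   "http://www.Goodle.com/", "http://goog1e.com/", "https://g\u043e\u043egle.com/"):
        print(sample, "->", classify(sample), punycode(urlsplit(sample).hostname))
```

The punycode() helper shows what the browser actually resolves: a Cyrillic lookalike turns into an xn-- label, which is why modern browsers display mixed-script names in that form. Note that a verdict of "unknown" only means the domain is not one of yours; an unknown domain can still host a phishing page.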

 

  • Brand Monitoring

As an organization, promoting your brand is essential to foster the identity of your company. If cyber criminals impersonate your brand for malicious purposes, it can bring down everything you have worked for. Therefore, it is highly recommended to keep track of how your brand is being represented online.

 

  • Avoid Clicking on Links

Make sure that your employees pay extra attention whenever they click a link embedded in an email, especially one from an unknown sender. Teach them to hover over the link (or long-press it on a phone) to see its real destination before clicking, because the visible text of a link and the address it actually opens need not match.

 

Additionally, implement a phishing incident response tool like TAB so that employees can report suspicious links or attachments straight from their mail client.
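The hover check can also be done for a whole message at once. The script below is an added example for this article, not code from the page’s author or from any product named here. It parses the HTML body of an email with the standard-library HTMLParser, collects every anchor with its visible text, and reports the links whose text shows one address while the href goes to a different registrable domain, which is the exact mismatch a user sees when hovering. The message body is constructed for the example.

```python
"""Report links in an HTML e-mail whose visible text does not match their href.

Added example for this article, not the page's own code. Uses only the
standard library so it can run inside a mail-filtering hook offline.
"""
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed message body, not a real phishing sample.
SAMPLE_HTML = """
<p>Your refund is ready. Log in at
<a href="http://login.examplebank.com.verify-account.example/x">https://www.examplebank.com/refund</a>
within 3 days.</p>
<p>Questions? See <a href="https://www.examplebank.com/help">our help centre</a>.</p>
<p>Or reply via <a href="https://203.0.113.9/r">https://www.examplebank.com/</a></p>
"""

# Something that looks like a hostname or URL inside the visible link text.
HOST_RE = re.compile(r"(?:https?://)?((?:[a-z0-9-]+\.)+[a-z]{2,})", re.I)


class LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a> element in the document."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def registrable(host):
    """Crude registrable-domain guess: the last two labels (no public-suffix list)."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])


def mismatched_links(html):
    """Return (visible text, href) for links whose text names a different domain."""
    parser = LinkCollector()
    parser.feed(html)
    suspicious = []
    for href, text in parser.links:
        shown = HOST_RE.search(text)
        if not shown:
            continue  # plain words like "our help centre": nothing to compare
        actual_host = urlsplit(href).hostname or ""
        if registrable(shown.group(1)) != registrable(actual_host):
            suspicious.append((text, href))
    return suspicious


if __name__ == "__main__":
    for text, href in mismatched_links(SAMPLE_HTML):
        print(f"text says {text!r} but link goes to {href!r}")
```

Link text that is not an address ("our help centre") is skipped rather than flagged, since a descriptive label is normal; the tell-tale sign is a URL shown as text that contradicts the real target, including the case where the target is a bare IP address.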

 

Cyber Security Awareness Program


Even if your organization has implemented all the best cyber security tools, it all comes down to how cyber aware and vigilant its employees are. So, organizations should conduct regular cyber security awareness training programs to raise awareness amongst the employees.

 

For instance, an employee working in the accounts department is more likely to open an email or click on the link embedded in it if it is related to the organization’s financial statements. Simulating phishing attacks on the employees can help them understand how to spot phishing attempts and react to them in real life.

 

No matter how strong an organization’s IT security infrastructure is, the human factor must be addressed as well. Remember, all it takes is one click by one employee to jeopardize the whole organization.

 

Phishing: An Overview

What is Phishing?

Phishing is a type of social engineering attack in which cyber criminals trick users into giving away their personal information. They use it to steal data such as login credentials, financial details and confidential documents.

It is also one of the top attack vectors for distributing malware. Threat actors impersonate legitimate entities to lure victims into opening bait emails and then clicking the malicious links or attachments inside them.

A malicious attachment typically installs malware; when that malware is ransomware, the victim’s files are encrypted and held for ransom. A malicious link leads to a fraudulent page that asks for sensitive information, which the criminals then exploit.


The History:

The first phishing attempts date back to the 1990s. Phishers stole users’ passwords and used algorithms to generate randomized credit card numbers. AOL (America Online) brought this practice to an end in 1995.

After that, phishers moved to another simple but successful set of techniques. Using AOL’s instant messenger and email system, they impersonated AOL employees and asked users to verify their account and billing information.

As this grew more sophisticated, AOL added warnings to its emails and instant messages asking clients not to provide sensitive information in response to such messages.

 

What are Phishing Techniques?


Cyber criminals use a range of phishing techniques, from simple to highly sophisticated. The more convincing ones are deceptive enough to slip past secure email gateways and endpoint security.

The most common but ever-evolving phishing techniques are:

Pharming

Pharming manipulates DNS resolution (a poisoned resolver cache, altered DNS records or a tampered hosts file) so that a correctly typed domain name leads users to a forged website. The fake site asks users to submit sensitive information such as usernames and passwords, which the attackers then use for account takeover, data breaches or other malicious ends. Pharming and phishing are both serious threats to every organization today.

 

Spear Phishing

Spear phishing is a targeted attack. Instead of sending email in bulk, the attacker researches specific individuals or organizations in depth and then crafts a legitimate-looking message tailored to them, with the aim of extracting valuable information or access from the victim.

Smishing

SMS phishing, or smishing, involves scammers sending text messages to target users while posing as a reputable or authentic source. The messages contain malicious links that send recipients to phishing landing pages; in some cases they simply urge the recipient to reply with sensitive information.

 

Vishing

Vishing is voice phishing: the scammer calls the target in an attempt to obtain personal information. Vishers commonly use Voice over Internet Protocol (VoIP) services together with caller-ID spoofing so that the call appears to come from a credible organization.

Vishing is currently one of the most common forms of social engineering. Vishers mostly impersonate banks or government agencies to lure users into giving away sensitive details over the phone.

 

Website Counterfeiting

Attackers build forged websites that are look-alikes of legitimate ones. The purpose of website counterfeiting is to divert users from the legitimate site to the forged copy.

The counterfeit site then defrauds victims by capturing their personal information or by luring them into downloading malware such as ransomware.

Domain Spoofing

Phishers have refined their techniques with increasingly sophisticated tricks to mislead targeted users. One is to spoof the sender domain, or to register a lookalike domain, so that a malicious email appears to come from a legitimate source.

The best-known examples of such email-based attacks are CEO fraud and Business Email Compromise (BEC). The phisher sends the victim an email that appears to come from a senior person in the organization and asks the recipient to wire funds or hand over confidential information.

 

Ransomware

Strictly speaking, ransomware is a payload rather than a phishing technique, but phishing is its most common delivery route. The targeted user is tricked into opening a malicious email attachment or link, or a malware-laden pop-up; the ransomware then encrypts the system or its files and denies access until a ransom is paid to the criminals.

 

How to Prevent Phishing Attacks with Security Awareness?


Today most organizations either run their business remotely or have adopted the post-pandemic “new normal” of hybrid work, and cyber criminals treat this as a fresh opportunity to launch phishing campaigns against every industry vertical.

 

Therefore, it is essential to implement cyber security solutions and practice security measures in the organization to mitigate emerging phishing attacks. Here are some of the best practices to follow:

 

  1. Educate employees with best-in-class phishing security awareness training. Every employee should know the evolving phishing techniques, how to recognize them and how to respond.
  2. CISOs should publish SPF, DKIM and DMARC records for their email domains. SPF lets receiving servers check that a message claiming to come from your domain was sent by a server you authorized, DKIM lets them verify that it was not altered in transit, and DMARC tells them what to do with messages that fail (reject them, ideally) and where to send reports. Together they make it much harder to spoof your domain.
  3. Serve your website over HTTPS with a valid TLS certificate so that traffic cannot be read or altered in transit. Note that phishing sites use HTTPS too, so a padlock alone is not proof that a site is genuine.
  4. Protect your brand online against website forgery with stringent brand monitoring. Use an anti-phishing and fraud monitoring tool to track fraudulent activity targeting the organization’s websites, mobile apps and domains as it appears.
  5. Install all the latest security patches to remove known vulnerabilities and reduce the risk from malware delivered by phishing.
  6. Use a VPN on untrusted networks and avoid handling sensitive data over public Wi-Fi.
  7. Do not reuse passwords across accounts, and enable multi-factor authentication wherever it is available so that a phished password alone is not enough to log in.
  8. Beware of pop-ups, unsolicited emails and unsecured websites, and never reply to an unexpected email with sensitive information.
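Whether the SPF and DMARC records in point 2 actually stop spoofing depends on a few settings inside them. The script below is an added example for this article, not code from the page’s author: it parses an SPF record and a DMARC record the way a receiving server would and reports the weak settings a spoofer benefits from (SPF ending in +all, too many DNS lookups, DMARC with p=none or no reporting address). The records for the hypothetical domain example.com are constructed, with a weak configuration beside its hardened version; for a real domain, fetch the TXT records with dig and feed them in.

```python
"""Grade a domain's SPF and DMARC records for settings a spoofer can exploit.

Added example for this article, not the page's own code. The records below are
constructed for the hypothetical domain example.com; for a real domain run
`dig TXT example.com` and `dig TXT _dmarc.example.com` and paste the results.
DKIM is not graded here because its selector records cannot be enumerated.
"""
import re

# Constructed TXT records: a weak configuration beside its hardened version.
RECORDS = {
    "weak": {
        "example.com": "v=spf1 include:_spf.mailhost.example +all",
        "_dmarc.example.com": "v=DMARC1; p=none",
    },
    "hardened": {
        "example.com": "v=spf1 include:_spf.mailhost.example -all",
        "_dmarc.example.com": ("v=DMARC1; p=reject; sp=reject; adkim=s; aspf=s; "
                               "rua=mailto:dmarc-reports@example.com"),
    },
}

# SPF terms that cost a DNS lookup; RFC 7208 allows at most 10 per evaluation.
LOOKUP_MECHANISMS = {"include", "a", "mx", "ptr", "exists", "redirect"}


def parse_spf(record):
    """Return {'all': qualifier or None, 'lookups': n, 'terms': [...]} or None."""
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return None
    result = {"all": None, "lookups": 0, "terms": terms[1:]}
    for term in terms[1:]:
        qualifier = term[0] if term[0] in "+-~?" else "+"   # default is pass
        body = term.lstrip("+-~?").lower()
        name = re.split(r"[:/=]", body, maxsplit=1)[0]
        if name == "all":
            result["all"] = qualifier
        elif name in LOOKUP_MECHANISMS:
            result["lookups"] += 1
    return result


def parse_dmarc(record):
    """Return the tag dictionary of a DMARC record, or None if it is not one."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    return tags if tags.get("v", "").upper() == "DMARC1" else None


def assess(records, domain):
    """Return a list of findings; an empty list means no weakness was spotted."""
    findings = []
    spf = parse_spf(records.get(domain, ""))
    if spf is None:
        findings.append("no SPF record: receivers cannot tell authorised senders from spoofers")
    else:
        q = spf["all"]
        if q is None:
            findings.append("SPF lacks an 'all' term, so unlisted senders get a neutral result")
        elif q == "+":
            findings.append("SPF +all: every sender on the internet passes")
        elif q == "?":
            findings.append("SPF ?all: unlisted senders are neutral, not failed")
        elif q == "~":
            findings.append("SPF ~all: spoofed mail only soft-fails; rely on DMARC to enforce")
        if spf["lookups"] > 10:
            findings.append(f"SPF needs {spf['lookups']} DNS lookups; above 10 it is a permerror")
    dmarc = parse_dmarc(records.get("_dmarc." + domain, ""))
    if dmarc is None:
        findings.append("no DMARC record: receivers are not told to act on SPF/DKIM failures")
    else:
        policy = dmarc.get("p", "none").lower()
        if policy == "none":
            findings.append("DMARC p=none: failures are only reported, never rejected")
        elif policy == "quarantine":
            findings.append("DMARC p=quarantine: spoofs land in spam rather than being rejected")
        if "rua" not in dmarc:
            findings.append("DMARC has no rua= address, so you receive no aggregate reports")
        pct = dmarc.get("pct", "100")
        if pct.isdigit() and int(pct) < 100:
            findings.append(f"DMARC pct={pct}: the policy is applied to only part of the mail")
    return findings


if __name__ == "__main__":
    for label, recs in RECORDS.items():
        print(label, assess(recs, "example.com") or ["no weaknesses found"])
```

The hardened record is the target state: SPF ends in -all so unauthorized senders hard-fail, and DMARC is at p=reject with a rua= address so you can see who is spoofing you. Organizations usually start at p=none to collect reports and move to quarantine and then reject once legitimate senders all pass.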