Pharming is one of the scarier types of hacking because it can be so difficult to detect or protect against. This is particularly true of individual internet users – many don’t know how to prevent pharming attacks or even what pharming is. Moreover, you might not even be able to prevent the attack if you visit a website with a compromised DNS server.
In this post, we’re looking at how to prevent pharming attacks to help maximise cyber security in your business.
How Does Pharming Happen?
You can learn more about what pharming is in our previous blog post, but as a quick recap, there are two main kinds of pharming attacks. One is DNS-server poisoning, where the DNS server that hosts a particular website becomes compromised and redirects users to the fake site.
The other is malware-based pharming, which involves the individual user becoming infected with malware that redirects them to fake websites when they try to access legitimate ones.
As an individual, there’s very little you can do to protect against DNS pharming, but if you practise good home security and online safety, you’re much less likely to be a victim of a malware-based attack.
Ways to Prevent Pharming Attacks
There are some ways you can protect your technology from a pharming attack, including:
- Antivirus software
This is one of the most effective ways to prevent pharming as it will help detect or block malicious or untrustworthy programmes from being installed on your computer.
- Home internet safety
Change the default settings – although the password the router came with may seem secure, it’s much safer to change it (as long as the new password is secure). The National Cyber Security Centre recommends a password phrase of three or more random words for home users.
Don’t have the internet name or password linked to you, and avoid having your name, pet’s name, house number or any other identifying information in your Wi-Fi name or password.
- Password manager
When it comes to discussing how to prevent pharming attacks, password managers can be very beneficial. Password managers allow you to use secure passwords that are very difficult to crack without having to remember long strings of random numbers and letters.
- Use secure websites
When visiting new websites, check that they are secure. Look for the padlock icon to the left of the address bar or check that the URL starts with ‘https://’ (rather than just http://).
- Two-factor authentication
Two-factor authentication is a great way to add extra security and means that even if a hacker manages to get your login and password for an account, they won’t be able to log in without the code.
- Only click links you trust
This one is one of the best ways to prevent pharming and prevent hackers from installing any malware on your computer, but sometimes scam emails can be almost indistinguishable from legitimate ones. Check out our post on the DAC method for spotting phishing emails for tips.
- Speak to your IT support
If you own a business, speak to your IT support department or company to ensure that your DNS server security is where it should be to minimise the risk of poisoning.
What to Do If You’re a Victim
In an era where hacking evolves faster than the technology to stop it, sometimes you know exactly how to prevent pharming attacks and still can’t avoid being a scam victim. If that happens, what should you do about it?
- Run your antivirus software – make sure it’s up to date and run it to ensure there’s no more malware on your computer.
- Contact the relevant bodies:
- Report it to your Internet Service Provider
- File a police report if your identity is stolen
- Block any cards or bank accounts that have been compromised and talk to your bank about recovering any stolen money
- Clear your cache – this minimises the chances of anything being left over on your browser.
At Integral IT, we offer IT consultations and independent cyber security reviews, so if you’re not sure how to prevent pharming attacks, please get in touch with our friendly, expert team today. We can help you find the best ways to prevent pharming and other cyberattacks.