What Is Pharming? Learn About the Scam

How to protect yourself against a pharming attack

Person browsing what appears to be a website on his laptop.


Phishing scams don't just lurk in your inbox or among your voicemails. They can appear as fake websites designed to mimic the real websites of trusted entities, just to steal your personal information. This form of phishing is known as pharming. Here's a quick look at what pharming is, how it works, and how to defend against pharming attacks.

What Is Pharming?

Pharming is a form of phishing that involves directing unsuspecting users to fake websites that can then steal your personal and financial information. In fact, the word "pharming" is a combination of the words "phishing" and "farming".

According to cybersecurity company Kaspersky, pharming usually happens via one of two methods:

  • Because a hacker has installed malware onto your computer, which then forces your computer to access fake websites instead of the ones you meant to view.
  • Because hackers "may instead poison a DNS server," which in turn directs many users to a fake website once they try to visit a real site.

As Webroot notes, when it comes to the first method, the malware that's initially installed on a victim's computer is able to direct internet traffic from that computer towards the fake website by changing "the hosts file on a victim’s computer."

The second pharming method is particularly troublesome because even malware-free computers can be directed to the fake site simply because the DNS server was affected. In this scenario, users can still be victims of pharming just by trying to access a legitimate site.

From there, the fake websites may either install malware on your computer or grab your personal and financial information as you interact with the site.

How to Guard Against Pharming Attacks

Now that you know what pharming is, let's talk about how to protect yourself against pharming attacks. Here a few ways you can guard yourself (and your computers) against them:

  1. Avoid clicking on suspicious links in email messages. Making a habit of only clicking links from senders you trust is the best way to avoid falling victim to the kind of pharming that occurs once a hacker infects your computer with malware. Suspicious links can contain the kind of malware that will direct your internet traffic towards fake sites.

  2. Install an antivirus program on to your computer. Antivirus software can help you find any malware that could cause pharming problems for you later. There are many great antivirus software options to choose from and some offer protection from phishing while you're browsing the internet.

  3. Pay attention to signs of pharming on the sites you visit. As cybersecurity company Avast advises, you should take a second look at the URL of the website you're visiting; It should have "https" at the beginning because the "s" means "secure" and the site is safe to browse. Is the URL as a whole spelled correctly? If not, the site is probably fake.