Cybercriminals are using increasingly sophisticated techniques to disrupt and steal from organizations like yours. But your employees may not even be aware of a relatively new but very common technique: pharming.
According to the FBI’s 2019 Internet Crime Report, pharming attacks, along with phishing scams, were the most common type of internet crime in 2019, costing the U.S. almost $60 million in losses.1 And the threat is only increasing. Cybercriminals are using the uncertainty created by COVID-19 to launch new scams and target employees who are working from home and may have their guard down.
Fortunately, you can take steps to protect your employees and organization from pharming schemes. These steps include:
1. Explain to Your Employees What Pharming Is
Your employees will always be able to better protect your organization from cyberthreats if they understand the specifics. Which is why it’s important for you to explain the threat. You may want to consider relating it to phishing.
Pharming is similar to phishing. However, while phishing uses spoof emails to lure its targets, pharming sets a trap and waits for its targets to stumble into it. The trap works like this: Cybercriminals infiltrate an employee’s computer system and installs malicious code. This gives the hacker the ability to direct traffic intended for a legitimate website to a spoofed website that looks identical or similar to the website the user is expecting to see. In other words, your employee believes they are accessing a legitimate URL but ends up on a fraudulent site.
Once on that site, your employee will either be asked to input confidential credentials, or the site will infect the employee’s computer with a Trojan horse or other type of malware. If the malware gains access to your wider system, it can expose a lot of your data and put both you and your customers at risk.
In many pharming schemes, targeted users end up on a fraudulent site for a bank. If one of your employees ends up on such a site, they will be asked to type in passwords, account numbers and even answers to security questions. The cybercriminals will harvest that information and can use it to steal from you. This specific kind of scheme has proven successful time and time again.
In 2007, cybercriminals pulled off a massive pharming scam involving 50 financial institutions around the world.2 In 2015, cybercriminals perpetrated a pharming attack that redirected traffic from the website for the U.S. Federal Reserve of St. Louis.3 And those are just two of the most high-profile cases — and just include instances involving financial institutions. Cybercriminals have also used pharming to redirect traffic from healthcare providers, insurance companies, wireless service providers and more.
2. Explain to Your Employees How Pharming Works
To better understand pharming, your employees should also know how cybercriminals are able to pull it off.
Cybercriminals who engage in pharming scams combine the technical expertise of hackers with the deviousness of the fraudsters engaged in phishing scams. This is what makes pharming attempts so difficult to detect.
Successful pharming attempts typically use one of three methods:
- Altering host files on a computer: In this method, your employee receives an email or goes to a compromised website that loads code onto their computer. The code alters host files, changing the IP address associated with a legitimate website. When the employee types in the website address or goes to it via a bookmark, their computer routes them to the new IP address where the imposter site is hosted.
- DNS poisoning: This method requires that the cybercriminal access and corrupt a DNS server. This is not easy to achieve but, when done, all the traffic passing through the DNS server will be directed to the IP address of the imposter site rather than the legitimate site, which can expose millions of people to the pharming scam.
- Home router compromise: Typically initiated through a phishing email, this method exploits security flaws in home routers in order to change a router’s DNS settings. This is often easier than corrupting a DNS server but has the same end result for the router’s user.
3. Adopt Protections Against Pharming
With awareness of pharming, your employees will have a better understanding of what to look for, though human error will still be at play. One wrong click of the mouse can bring a company to its knees. So, how do you help really ensure your employees don’t fall prey to a pharming or phishing attack?
- Use antivirus software with a proven track record.
- Change passwords frequently and use two-factor identification whenever possible.
- Only use trustworthy ISPs and avoid unknown providers that may not have the means or desire to protect against DNS poisoning.
That said, you can’t expect all your employees to be able to detect all cyberthreats all the time, especially when they are cleverly disguised in emails. Which is why more and more organizations are incorporating sophisticated email security solutions.
INKY specializes in email security, helping you and your employees ensure cybercriminals don’t use emails to initiate pharming attacks or phishing scams. For many organizations, email is a serious vulnerability, but INKY adds a relentlessly effective level of security capable of detecting and stopping phishing threats and similar cybercrimes before any employee falls for them.
How does INKY do it? By using computer vision, artificial intelligence and machine learning. Unlike other email security platforms, INKY sees the way humans do, recognizing logos, brand colors, email signatures and more — but it also sees the millions of things humans can’t, spotting imposters by as little as a pixel.
Fully adaptive, platform-agnostic and always aware, INKY uses banner alerts at the top of emails to ensure your employees know when to be suspicious. And thanks to real-time learning, INKY can spot almost everything, including zero-day phishing attacks.
Give your employees the tools they need to avoid phishing, email-initiated pharming and other schemes. Start your free demo of INKY today.
INKY® is the emerging hero in the war against phishing. An award-winning cloud-based email security solution, INKY® prevents the most complex phishing threats from disrupting or even immobilizing your company’s day-to-day business operations. Using computer vision, artificial intelligence, and machine learning, INKY® is the smartest investment you can make in the security of your organization. INKY® is a proud winner of the NYCx Cybersecurity Moonshot Challenge and finalist in the 2020 RSAC Innovation Sandbox Competition. Learn more about INKY® or request an online demonstration today.