You will be redirected to Internet Banking Login Page.

Do you want to continue?

You will be redirected to Internet Banking Login Page.

Do you want to continue?

You will be redirected to Internet Banking Login Page.

Do you want to continue?

You will be redirected to Internet Banking Login Page.

Do you want to continue?

You will be redirected to Internet Banking Login Page.

Do you want to continue?

Our Blogs

Pharming Fraud and protect your security online

How to detect Pharming Fraud and protect your security online

Cyber fraud or online scams can take various forms. Pharming fraud is one of them.

Imagine a situation wherein you are trying to log in to your Internet banking website. However, you are redirected to a fraudulent website that looks similar to the Bank's. Something looks fishy, but you are not able to understand what is wrong. Suddenly, your login details are captured, and you lose money.

This is no less than a nightmare, but one of the extreme instances where you could fall victim to a pharming fraud.

In the below article, you will know more about pharming and how you can protect yourself from such attacks.

April 01, 2023

What is pharming?

Pharming, a type of cyber-attack, involves redirecting victims to fraudulent or malicious websites without their knowledge. This process typically occurs without the victim's approval, with the intention to commit fraud.

These malicious websites often look similar to legitimate websites and are primarily replicas of banking websites. Thus, users generally fail to realise the difference and fall victim. Simply put, it is a fake version of a trusted site.

Through pharming (a combination of phishing and farming), the attackers steal the victim's personal information, including passwords, Credit Card numbers and other sensitive data.

Common types of pharming attacks

DNS Spoofing or Poisoning

In this type of fraud, the attacker hijacks a Domain Name System (DNS) server and redirects the traffic from the legitimate website to the malicious websites. DNS spoofing or poisoning is a type of pharming attack which is difficult to detect because the malicious website looks exactly like the legitimate one.

Malware-based Pharming or Malvertising

In this type of pharming, malicious advertisements are displayed on legitimate websites. These advertisements spread malicious code that redirects the users to malicious websites or even downloads malware onto their devices.

Man-in-the-middle attack

In Man-in-the-Middle (MIM) attack, as the name suggests, the attacker captures communication between two parties (for example, the Bank and the user) to steal information or redirect the user to a malicious website.

Malicious code injection

In this attack, the attacker injects malicious code into the website or a web application. For example, this code might be injected via an SQL query or a malicious file upload. It is an advanced cyberattack wherein the fraudster typically executes a code on the victim's device. Thus, the attacker does not depend on the user to click on the malicious link; instead, the code directs the user to the malicious website.

How to protect yourself against pharming attacks

A pharming attack may be challenging to identify, but staying alert and taking all necessary precautions can help you protect yourself. Here are some ways to protect yourself against pharming attacks:

  • Use a trusted and verified Internet Service Provider (ISP) and VPN service with reputable DNS servers.
  • Ensure your web connections are secure and enable two-factor authentication (2FA) on sites, wherever available.
  • Use a strong router password and change the default settings of your Wi-Fi router.
  • Keep your computer and software up to date. Use a firewall, antivirus and anti-spyware software.
  • Follow links that begin with HTTPS only.
  • Avoid clicking on links or opening attachments from unknown senders.
  • Avoid suspicious-looking websites.
  • Avoid deals that appear too good to be true.

Final Word

The best way to protect yourself from cyberattacks like pharming is to follow best cybersecurity practices, stay alert and depend on trusted antivirus protections.

Axis Bank has deployed its cyber security structure and framework based on the National Institute of Standards and Technology (NIST) Standard and is compliant with ISO27001 and PCI DSS standards. We have built and are operating our cybersecurity framework around five fundamental areas - Identify, Protect, Detect, Respond and Recover. Additionally, our 24×7 Security Operations Centre and Cyber Security Operations System ensure no compromise regarding safety and security.