This article has been written by Fathima Roshan pursuing a Test Prep Course for Cracking Certified Information Privacy Manager (CIPM) from Skill Arbitrage.
This article has been edited and published by Shashwat Kaushik.
Table of Contents
Introduction
In today’s world, cyberattacks have become unexceptional and at some point, in our lives, we are all targeted by online scams. Recent statistics show that around 29,530,829,012 known records have been breached so far in 4,645 publicly disclosed incidents, which makes us wonder whether we have also fallen victim to any of the digital attacks. This article explores two prevalent cyberattacks, their distinctions, and how to safeguard ourselves from phishing and pharming cyber-attacks.
The words Phishing and Pharming sound similar but the methods they use to steal the user’s sensitive personal data and money are different from one another. The similarity between them is their unlawful motive, or, in another way, we can say that both these cyber-attacks attempt to steal users’ personal credential information. Most of the time, people fall under the hackers’ ambush because of the social engineering tricks they use on the users to deceive them. The chance of falling under the hacker’s trap is sky high so we must educate ourselves and the people around us.
Phishing attack
Phishing is the most common type of cyber-attack that targets users through various electronic communication channels like emails, messages, or phone calls to trick the victims into revealing confidential information. According to the FBI, phishing was recorded as a common form of cyber-attack in 2020, and it has doubled over the years. Scammers are often successful at phishing because they manipulate people to give up their sensitive personal data. One simple example of phishing is bank fraud, where the hacker pretends to be an authorised person from the bank and tries to steal the personal information of the user.
Types of phishing attacks
Here are some common types of phishing attacks:
- Spear-phishing: In this targeted attack, the attacker focuses on a specific individual within an organisation. They gather information about the victim (such as name, position, and contact details) and then send personal messages to steal login credentials.
- Vishing (voice phishing): Vishing is concerned with voice communication that occurs over the phone. The attacker pretends to be a trusted person or organisation to extract information.
- Email phishing: In email phishing, the attacker sends seemingly legitimate emails designed to trick recipients into providing sensitive information.
- HTTPS phishing: Attackers send victims emails containing links to fake websites. These sites aim to deceive users into entering private information.
- Pop-up phishing: Pop-up windows appear on legitimate websites, urging users to update software or provide personal details. These pop-ups are often malicious and can lead to data theft
Most famous phishing attack
Now let us take a look at the most famous phishing attack that caught people’s attention around the globe:
NotPetya attack
In 2017, the ransomware attack happened through e-mail attachments. The attack originated in Ukraine. Numerous organisations across the globe suffered losses of over $10 billion.
Hillary Clinton’s Campaign
In 2016, Russian hackers known as Fancy Bear targeted Hillary Clinton’s campaign to influence the US election, which resulted in the release of private e-mail and sensitive campaign information.
Facebook and Google
In 2015, Facebook and Google got tricked by a phishing campaign, which resulted in a large payment to a hacker named Evaldas Rimasauskas and his team. The hackers sent fake invoices to Facebook and Google employees pretending to be Quanta (a Taiwan-based company that does business for Google and Facebook), which resulted in transferring more than $100 million in transactions.
Preventing phishing attacks
These scams show how easily people get manipulated by hackers, which is a serious threat to our society. To escape from phishing attacks, every individual must take the following precautions:
- Be careful while opening links from unknown sources, as they sometimes appear to be legitimate and can easily hack users’ credentials or sensitive information.
- Always check the sender’s email address, the URL of the link, and the spelling and grammar of the message. If you find any of these have mistaken, then it is a sign of a Phishing attack
- Never reply to or forward phishing emails.
- Always provide good security software to your computer or device and update regularly.
- Use strong and different passwords for every website and account. Also, try to update the password once in a while.
- Use multi-factor authentication whenever possible. This can provide additional security to your account, i.e., providing an extra PIN other than a password.
- Do not share your personal or financial information with any website unless you are sure that the website is safe and trustworthy. An easy way to find out if the website is legitimate is to check for the padlock icon (the site is secured with a digital certificate) and “http” in the address bar before entering any information.
- Do not fall for any offers, contests, or massive discounts that seem too good to be true. Most users fall into the trap of phishing scammers by clicking on the unauthorised link they have provided and entering their sensitive personal data.
Pharming attack
Likewise, a pharming attack is a form of cyber-attack where the methods used by the hackers to steal users’ sensitive data are more technically complex. The hackers first infect the Domain Network Server (DNS) to redirect the users to fake websites that are created by the phisher and steal the user’s identity and finances. Pharming attacks are mostly targeted in the financial sector. like banks, online payment platforms, and e-commerce sites. The users mostly fail to recognise the trap as the cyber attackers create fake websites that are identical to the original web pages.
Types of pharming attacks
Pharming attacks are primarily divided into two types. Let us take a look at these two types of pharming:
Domain-based pharming
In this type of cyber-attack, the hackers infect the DNS (Domain Name System) server. The infected DNS server redirects to the attacker-controlled IP address. This is done by changing or manipulating the DNS setting of the victim’s device. When the user tries to enter the legitimate website, it will be redirected to an unauthorised website. Most of the time, users fail to recognise the fake website; thereby, hackers steal sensitive personal data such as usernames, passwords, credit card details, and more.
Hot-based pharming (malware-based pharming)
Here, the attacker infects the user’s computer by using malware like viruses, trojans, or keyloggers. Thereafter, when the victim tries to use an authorised website, the malware alters the host file and redirects to a fake website that is controlled by the hackers. Thereby, hackers steal sensitive personal data from the user.
Famous pharming attacks
Now let us look at some of the famous pharming attacks that have taken place to understand how serious pharming can be:
Venezuelan volunteer attack
In 2019, Venezuela’s President requested volunteers to join the humanitarian aid campaign known as “Volunteers por Venezuela” that year. The volunteers were advised to sign up for the programme by registering on the original website and entering information about the volunteer’s name, telephone number, area, occupation, and other personal data on the website. The hackers published identical-looking websites that appeared with a similar domain name and were able to retrieve sensitive personal data about volunteers.
Brazilian bank incident
In 2017, some hackers rerouted the Brazilian Banking website for several hours. The customers of the bank were redirected to a fake website, which was created by hackers. As a result of that, the cyber attackers got the victim’s confidential information.
Attack targeting 50 banks
This is a famous pharming attack that occurred in 2007, where hackers targeted at least fifty banks across the U.S., Europe, and Asia. Internet banking collapsed for three days and as a result, there was a huge financial loss and reputational damage in the banking sector.
Preventing pharming attacks
Therefore, from the above real-life incidents, it is clear that we should have enough knowledge to defend ourselves from cyberpunk. The following are steps to be taken by the users to prevent pharming attacks:
- Avoid clicking on links or files in suspicious emails. These may contain malware and infect your personal computer.
- Look for mistakes or odd things on websites, such as wrong spelling, weird names, or no signs of security (like HTTPS or a lock icon).
- Use a programme and a firewall to protect your computer from harmful software and hackers.
- Update your software and system regularly to fix any problems and improve security.
- Use two-step verification on websites that offer it, which makes it harder for someone to log in.
- Change your router password from the one it came with to a strong and different one.
- Always avoid Wi-Fi networks that are public or not safe.
Conclusion
In light of this information, it is evident that phishing and pharming are two major threats to cyberspace. Phishing uses social engineering methods to trick individuals, whereas pharming is a more technical method that traps more users at a time. The damage that can be caused after hacking can be severe for the users as well as the organisations
To safeguard ourselves, we must educate and follow security measures like regularly updating operating systems, browsers, and software updates. Being cautious and informed about the evolving new techniques can significantly reduce the risk of falling victim to phishing and pharming attacks.
References
- https://www.geeksforgeeks.org/difference-between-phishing-and-pharming/
- https://www.kaspersky.com/resource-center/definitions/pharming
- https://www.ttu.edu/cybersecurity/lubbock/digital-life/digital-identity/scams-spam-phishing-spoofing-pharming.php