Cyber criminals continue to improve upon tried and true methods of scamming unsuspecting businesses, and phishing and pharming attacks, while commonplace, are growing in technical sophistication. In this article, we explore the difference between these attacks, the danger they pose, and what you can do to protect your business.
While their methods are different, the goal of both attacks is the same; online criminals disguise their intentions to appear legitimate, tricking the victim into giving up personal or sensitive information such as usernames, passwords, banking information or credit card numbers. Once the fraudsters have obtained this information, they can use it in a number of different ways: opening new credit cards, selling the data on the dark web, or even committing identify theft.
Phishing explained: compromising personal data
A convincing combination of social engineering and identity theft, phishing scams generally target individuals, attempting to con the victim into revealing sensitive personal information. Known as “spoofing,” fraudsters impersonate authority figures or legitimate businesses source, contacting the victim by text message, email or phone. These scams are incredibly effective because fraudsters often use legitimate company logos to add authenticity to their attack, as well as creating links and email addresses which have been carefully designed to appear genuine, and pass a cursory glance by an unsuspecting victim.
While in many instances phishing scams utilise software and security weaknesses to install malicious software or infect devices with viruses, the key element in their success remains the human factor. The nature of these attacks is so convincing that phishing has accounted for 90% of data breaches thus far in 2019.
Pharming: the hidden threat
While the aim of a pharming attack is similar to phishing in the sense that the victim is tricked into providing their personal information which is then used by fraudsters for malicious purposes, there are a couple of key ways pharming differs:
Installation of malicious code
Where phishing entices a victim to open a communication which appears legitimate, pharming is far more covert, as it requires no action by the target, making the risk to your business far more widespread.
When you enter a website’s URL, your browser checks its Domain Name system (DNS) cache or a DNS server for the IP address corresponding to that address, and then takes you there. By “poisoning” the DNS cache of a computer, server or network through the installation of malicious code, cyber criminals can change the IP address that corresponds to the domain name, seamlessly redirecting victims to a pharming site designed to look exactly like a legitimate site which has been visited many times before. The target then logs in as usual, unwittingly handing over their personal information.
A more widespread threat
Phishing, while an extremely effective scamming method, operates on a much smaller scale than pharming, and relies on victims failing to recognize they are being conned. The danger of pharming is its much wider reach; as an infected DNS cache will affect everyone who uses that DNS server to visit a particular website, potentially putting entire organizations at risk.
Protecting your clients, and your business
Data theft online is the new robbery, and the consequences for your business can be just as devastating. Reduce your risk of becoming a statistic by implementing the following changes in the way you and your employees do business.
Phishing: Education is key
The easiest way to prevent phishing is to equip your employees with the skills to recognize a malicious email. Warning signs include:
- A spoofed email will typically have some red flags in the email address. As an example, a legitimate email from Amazon might read firstname.lastname@example.org. email@example.com should make you stop and think. When in doubt, report suspicious communications immediately.
- Don’t click on links embedded in emails, open a new browser window and type in the relevant web address
- Most companies and websites explicitly state that they will never ask you for account details in an email. Therefore, if you receive an email from one of them asking for your account information, it could be malicious, and should be treated as such until it can be verified.
Consider cyber security awareness training to equip your end users to identify a malicious communication, and act accordingly. Periodic attack simulations is an effective way of ensuring online security is a focus during day to day work, and offers employees the opportunity to test their knowledge.
Pharming: outdated security software leaves your business vulnerable
You won’t know if your DNS cache has been compromised until it’s too late. Follow these simple steps to reduce your risk:
- A reputable anti-malware program should always be your first line of defense against pharming. Ensure that update are automatic, and regular to stay on top of developments in pharming activitiy
- Always change the password on your router, as cybercriminals will attempt to use common and default passwords to gain access.
- Don’t visit suspicious websites that could automatically download malware onto your computer, or open untrustworthy email attachments.
If you’re not confident that your fraud prevention practices are keeping pace with the rapidly evolving online threat landscape, contact FraudWatch International to discuss how we can help you to protect your business.