Blog
Topic
All
Products and technologies
Business trends
Cybersecurity
Cybersecurity
Awards
AI
ColorVu
Events
NVR
Access control
Solution
Software
Industry News
Company News
Product Announcement
Videos
Case Studies
Search blog
Blog
Filter
Cancel
Topic
All
Products and technologies
Business trends
Cybersecurity
Cybersecurity
Awards
AI
ColorVu
Events
NVR
Access control
Solution
Software
Industry News
Company News
Product Announcement
Videos
Case Studies
Reset
Submit

Raising Awareness for National Cybersecurity Awareness Month (NCSAM): Hikvision Senior Cybersecurity Director on Pharming—A Malicious Hacking Attack

The 17th annual National Cybersecurity Awareness Month (NCSAM) kicked off in October with the goal of raising cybersecurity awareness. To contribute to this goal, Hikvision senior director of cybersecurity, Chuck Davis, is providing insights on various cyberattacks to help you stay safe.

In today’s blog, Hikvision’s Davis will provide an overview of pharming—a malicious hacking attack—that includes tips to help you identify this scam and avoid becoming a victim to it.

What is Pharming?
Pharming is a type of cyberattack that redirects a website’s traffic to a malicious site that appears to be the real site. Pharming is used frequently in phishing attacks to trick a victim into sharing login credentials, banking information, or other sensitive data with the attacker.

It’s effective because a victim who visits the malicious website can see the valid domain name in their browser. The attacker must trick the victim’s computer into going to the malicious website by either making changes to the victim’s computer or somehow changing the destination IP address for a domain name. That’s typically achieved by altering or “poisoning” the victim’s DNS (domain name system) lookup.

How Does Pharming Work?
When you enter an address into your browser, your computer first checks for an IP address in a file on your computer called the hosts file. If it sees an entry in the hosts file for that website, it will go to that IP address. If your computer does not find an entry for that address in the hosts file, your browser will ask your computer’s default DNS server to look up the IP address of that website.

There are DNS servers all over the Internet and unless you specifically changed your DNS servers, you are probably using servers from your Internet Service Provider (ISP). Once the DNS server comes back with an IP address, your browser can make the request to go to 172.217.11.228 and almost instantly, you will see the Google web page. So essentially, a pharming attack happens when an attacker is able to send the wrong IP address to the victim’s computer when it does a lookup.

How To Stay Safe from Pharming Attacks
Below are several tips that will help you boost cybersecurity and stay safe.

  • Enable multi-factor authentication (MFA) wherever it is available. This way if you do get tricked into sharing your credentials, the attacker would not be able to log into your real account.
     
  • Keep your router up to date. If your router doesn’t have automatic updates, consider replacing it with a new router that does update automatically
     
  • Change the DNS settings on your router and devices to an alternate, encrypted DNS such as Cloudflare's 1.1.1.1, IBM's 9.9.9.9, and Google DNS.
     
  • Follow standard anti-phishing recommendations.

Read the Hikvision pharming blog to learn more and view examples of pharming attacks: “Part 2: Hikvision Senior Director of Cybersecurity on Examples of Pharming—A Malicious Hacking Attack—and Tips to Avoid Becoming a Victim.”

Subscribe to newsletter

Subscribe to our email newsletter to get the latest, trending content from Hikvision

Hikvision.com uses strictly necessary cookies and related technologies to enable the website to function. With your consent, we would also like to use cookies to observe and analyse traffic levels and other metrics / show you targeted advertising / show you advertising on the basis of your location / tailor our website's content. For more information on cookie practices please refer to our cookie policy.

 

Contact Us

Get a better browsing experience

You are using a web browser we don’t support. Please try one of the following options to have a better experience of our web content.