Phishing and pharming are terms used to describe the kinds of cyber attacks that are increasingly threatening the online security of businesses and their customers. Although phishing has been around for almost as long as emails and online banking have existed, the techniques and persuasive con artistry has accelerated over the last decade or so.It is thought that phishing scams cost American businesses billions of dollars in damage and account for around 90% of data breaches. Pharming is a similar process but uses more sophisticated techniques to get the unsuspecting victim to visit the data harvesting page. You have to remain up to date and vigilant in order to protect yourself, your employees and your customers from the inherent dangers of phishing and pharming attacks. In this guide we’ll take a closer look at both and what you can do to protect yourself.
How does phishing and pharming work?
The modus operandi of the typical phishing email author is confidence trickery; fooling his hapless victim by creating a sense of familiarity and relying on the trust already established in a brand or perhaps in a person (CEO fraud, for example). A typical phishing email might simply try to illicit a persons private or financial information by trying to con them into opening a malware program.
Malware is a malicious piece of code that once invited into a computer or wider network can do it’s naughty work. This work can often include attempting to find login details, passwords or other sensitive, private or personal information. This data can be used for stealing money, using a person’s online identity or even for selling on to be used in identity fraud. As well as stealthy malware installations, a phishing email might refer the receiver to a website designed to look exactly like a website they already trust. Thinking it’s a safe and trustworthy location (that they’ve been too plenty of times before) they are, in fact, simply handing over their private data the moment they login to that website. As phishing scammers become more sophisticated, so these fake web pages are becoming increasingly effective at looking like their legitimate counterparts. Find out more about how phishing attacks work here: fraudwatchinternational.com/phishing/what-is-a-phishing-attack/
Pharming is not dissimilar in that it also relies on familiarity and trust to con it’s victim, only this is an even more potent form of attack because it doesn’t require the victim to perform any particular action; it is able to cloak itself completely so that it even carries the same domain name as the trusted website. Clearly pharming attacks require even more vigilance to ensure they don’t cost a business or an individual in time, money and reputation.
How to protect yourself against phishing and pharming attacks
The most effective protection against phishing is to ensure that you (and your team) are fully versed in how to identify a potential phishing email. Everything from the copy used, the graphics and logos to the embedded links should be carefully scrutinized to see if they flag up any potential risks. Pharming requires more than just a vigilant human eye; it’s imperative that you keep your security software as up to date as possible. Anti-malware systems must be maintained and updated in order to be effective against pharming attacks. Always keep your software, hardware and apps across all devices up to date at all times to help you keep you, and your data, safe.