Understanding the difference between phishing and pharming

Both phishing and pharming involve the theft of personal identity data and financial account credentials, but there are subtle differences between them, and you should know what they are.

Russell Dean Vines

Published: 14 Nov 2006

How do phishing attacks differ from pharming attacks? Are pharming attacks still prevalent?

Phishing and pharming are generically both the same, in that the purpose of the exploit is to steal personal identity data and financial account credentials for monetary gain. According the Anti-Phishing Working Group, phishing attacks use both "social engineering and technical subterfuge" to get the goods. This means that spoofed emails trying to convince the email readers to enter their personal banking info, and spyware, such as Trojan keyloggers, are the mainstays of the phishing world.

While pharming is still considered a subset of phishing, it refers to a specific type of phishing using DNS hijacking or poisoning to redirect the user's browser to fraudulent sites or servers. Pharming was on the increase in 2005 but has decreased slightly this year due to increased diligence of domain controls, and is therefore employed less than the phishing exploits mentioned above. Protection from pharming, however, should still be offered in a comprehensive security approach.

Dig Deeper on Cybersecurity risk assessment and management

Related Q&A from Russell Dean Vines

Understanding smurf attacks

A smurf attack can slow down a network to the point of shutting it down completely. Learn how to understand a full-scale smurf attack and how to ... Continue Reading

What are the network security risks of streaming video?

Streaming video and audio sites are frequently visited on both home computers and work computers. Learn about streaming video security risks and what... Continue Reading

Threat matrix and risk analysis resources

There are many resources available to help value-added resellers compile a threat matrix and perform risk analyses. Continue Reading

MicroscopeUK

Check Point launches distribution marketplace strategy

Security player Check Point launches programme to ensure it is covering an increasingly popular route to market

MSPs retain staff and focus on riding out pandemic

Research from SolarWinds MSP indicates that although the last few months have been tough, most partners have adapted to changed ...

Schneider Electric increases rewards for edge-selling partners

Vendor continues to encourage engagement with edge solutions, with margins and discounts on offer

SearchSecurity

Guide to the latest Black Hat 2020 Conference news

This guide to Black Hat 2020 gathers breaking news, new ideas and technical expert insights from one of the leading cybersecurity...

What cybersecurity teams can learn from COVID-19

Nabil Hannan examines key similarities between medical and computer viruses that cybersecurity teams can use to keep businesses ...

Healthcare CISO offers alternatives to 'snake oil' companies

Indiana University Health CISO Mitchell Parker discussed internal risk assessments, security snake oil salesmen and more at his ...

SearchStorage

SearchNetworking

Compare 3 DDoS mitigation strategies for enterprise networks

Enterprises can choose from three major approaches to mitigate DDoS attacks on their networks: Buy from an ISP, do it themselves ...

T-Mobile 5G progresses, Samsung intros 5G tablets

This week's 5G news includes T-Mobile 5G taking a significant step forward, Samsung releasing tablets and Intel and VMware ...

Discover 8 network diagramming tools aimed at architects

Network design tools help architects map out the company infrastructure but only with the right product. Explore these eight ...

SearchCloudComputing

10 cloud computing experts you should follow

Get up to speed on what's happening in the cloud by following some of the top voices in the industry, including those who are ...

Use this Amazon Cognito review to assess authentication tools

Amazon Cognito isn't as user-friendly as some competitors, but it does offer some unique advantages. Explore the pros, cons and ...

10 cloud computing myths debunked

A range of public cloud misconceptions -- including those related to security and cost -- give enterprise adopters the wrong idea...

SearchDataManagement

How Riot Games upped its enterprise data governance game

Data governance product manager at Riot Games details how the game vendor dealt with data ownership challenges by embracing new ...

Top 7 data catalog use cases for enterprises

From data lake modernization to data democratization, there are many benefits to a data catalog. Experts talk about the top ways ...

Metamorphosis of Kafka Confluent event streaming technologies

Kafka Confluent event streaming tools allow data managers, analysts and developers to capture, process, store, access and analyze...

SearchBusinessAnalytics

Importance of analytics heightened by COVID-19 pandemic

Business intelligence is needed when times are bad, and it's the organizations who have created a data-driven culture that are ...

Using data for public good in fight for racial equity

While some data-driven methods recently have been publicly scrutinized for biases in practice, there are plenty of ways data can ...

Baseball's Twins deploy Databricks to improve analytics power

With the amount of data used to make player personnel decisions in baseball growing exponentially, the Minnesota Twins began ...

Dig Deeper on Cybersecurity risk assessment and management

Phishing protection: Keep employees from getting hooked

Cybersecurity threats on the rise, prey on human nature

Lateral phishing used to attack organisations on global scale

The top 3 email security threats and how to defuse them

Related Q&A from Russell Dean Vines

Start the conversation

0 comments

Register

Login

Forgot your password?

Your password has been sent to:

Please create a username to comment.