Understanding the difference between phishing and pharming

Both phishing and pharming involve the theft of personal identity data and financial account credentials, but there are subtle differences between them, and you should know what they are.

How do phishing attacks differ from pharming attacks? Are pharming attacks still prevalent?

Phishing and pharming are generically both the same, in that the purpose of the exploit is to steal personal identity data and financial account credentials for monetary gain. According the Anti-Phishing Working Group, phishing attacks use both "social engineering and technical subterfuge" to get the goods. This means that spoofed emails trying to convince the email readers to enter their personal banking info, and spyware, such as Trojan keyloggers, are the mainstays of the phishing world.

Download this free guide

Could Securing Your Channel Business Be Easier? We Can Help.

Download our latest guide to the top strategies solution providers can leverage for starting up and securing a cloud practice, successful approaches to selling and marketing cloud, and why it is urgent for partners to transition now.

While pharming is still considered a subset of phishing, it refers to a specific type of phishing using DNS hijacking or poisoning to redirect the user's browser to fraudulent sites or servers. Pharming was on the increase in 2005 but has decreased slightly this year due to increased diligence of domain controls, and is therefore employed less than the phishing exploits mentioned above. Protection from pharming, however, should still be offered in a comprehensive security approach.

This was last published in November 2006

Dig Deeper on Threat management and prevention

All
News
Get Started
Evaluate
Manage
Problem Solve

Related Q&A from Russell Dean Vines

Security for mobile broadband

While some SMBs are not securing their mobile broadband, there is good reason to do so, even if a customer has only a small amount of data to protect. Continue Reading

Understanding smurf attacks

A smurf attack can slow down a network to the point of shutting it down completely. Learn how to understand a full-scale smurf attack and how to ... Continue Reading

What are the network security risks of streaming video?

Streaming video and audio sites are frequently visited on both home computers and work computers. Learn about streaming video security risks and what... Continue Reading

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

Meet all of our IT Channel experts

View all IT Channel questions and answers

MicroscopeUK

Cofense chooses to go 100% indirect

Security player revamps partner programme as it pledges to go 100% through the channel

How Kognitio mined the reality gap on London bus time tables

The work was inspired by TfL’s open data policy and could spark ideas in other channel partners Nick Booth argues

Colt DCS aims for significant growth with channel programme launch

the data centre specialist has cut the ribbon on a global partner programme that should provide the structure to increase ...

SearchCloudProvider

Despite GDPR penalties, cloud partners note complacency among clients

Cloud firms work busily to align their businesses with Europe's data protection legislation, but many observe a lack of urgency ...

Hybrid cloud cost optimization an ongoing opportunity for partners

For all its virtues, the hybrid cloud model can create a number of cloud cost optimization and management headaches for customers...

Cloud for healthcare: What is the role of IT channel firms?

Healthcare providers are under greater pressure to pursue digital transformation this year. Learn how partners can aid cloud for ...

SearchSecurity

Passive DNS techniques can reduce DNS abuse

Presenting at RSAC 2018, Farsight Security's Merike Kaeo explains how defenders can adopt passive techniques to reduce DNS abuse ...

Paul Kocher weighs in on Spectre flaws, vulnerability disclosure

At RSA Conference 2018, Paul Kocher, who co-discovered the Spectre flaws, discussed the chip vulnerabilities and explained why ...

IBM's new AI toolbox is designed to protect AI systems

IBM has made a new open source AI toolbox that's designed to provide practical defenses for real-world AI systems based on how ...

SearchStorage

Ultrathin memory storage device could spell breakthroughs

According to its creators, atomristor technology promises a vast improvement on modern flash storage devices, but mainstream use ...

Four situations where a multi-cloud strategy makes sense

Many businesses can benefit from using multiple cloud services, especially if they need to ensure reliability, protect privacy, ...

Broadcom preps for NVMe over Fibre Channel with Brocade gear

Broadcom ships its first Brocade FC switching products and updates SAN management for NVMe with the goal of making Fibre Channel ...

SearchNetworking

Network-as-a-service market blossoms as demands grow

The network-as-a-service market is attracting more attention, as enterprises look for ways to outsource some of their ...

Blockchain technology use in networking? Not so fast

Blockchain technology use has little value in networking, according to one IT analyst. Analysts also examine IoT security and ...

Cisco DNA Center gets access to more IoT devices

Cisco DNA Center can now access an additional 620 IoT device profiles. Cisco also introduced this week a couple of Catalyst 9500 ...

SearchCloudComputing

Microsoft takes holistic approach to IoT security concerns

Azure Sphere extends security from the cloud to the device. It's the most holistic approach on the market and provides another ...

Get started with Red Hat OpenShift Container Platform

Despite its benefits, Red Hat OpenShift is just one technology amid a growing list intended to simplify container management and ...

Compare management options for Google Kubernetes Engine

Google supports various management options for its Kubernetes Engine service, and while each has its pros and cons, you should ...

SearchDataManagement

GDPR data protection edicts make good data governance a must

The European Union's new GDPR law puts the onus on companies to ensure that their data governance and management practices enable...

GDPR rules can spur broader steps to protect sensitive data

Companies need to make compliance with GDPR's requirements on managing personal data a priority, but they should also work to ...

Data integrity protection spurs greater security spending

As hacking, ransomware and malware attacks mount, companies place big data protection and integrity among the primary reasons for...

SearchBusinessAnalytics

Cambridge Analytica-Facebook case shows need for ethical data mining

Ethical data collection practices are becoming even more important, as cases like Cambridge Analytica's misuse of Facebook data ...

Rethinking analytics processes spurs enterprise innovation

By taking a fresh look at the makeup of their analytics organizations, enterprises can innovate their business models and take ...

Diversified data sets for analytics deliver top results

Analytics teams should focus on data diversity to ensure that their projects deliver the most meaningful insights -- but they ...

Related Resources

Dig Deeper on Threat management and prevention

Related Q&A from Russell Dean Vines

Have a question for an expert?

Start the conversation

0 comments

Register

Login

Forgot your password?

Your password has been sent to:

Please create a username to comment.