Understanding the difference between phishing and pharming

Both phishing and pharming involve the theft of personal identity data and financial account credentials, but there are subtle differences between them, and you should know what they are.

How do phishing attacks differ from pharming attacks? Are pharming attacks still prevalent?

Phishing and pharming are generically both the same, in that the purpose of the exploit is to steal personal identity data and financial account credentials for monetary gain. According the Anti-Phishing Working Group, phishing attacks use both "social engineering and technical subterfuge" to get the goods. This means that spoofed emails trying to convince the email readers to enter their personal banking info, and spyware, such as Trojan keyloggers, are the mainstays of the phishing world.

While pharming is still considered a subset of phishing, it refers to a specific type of phishing using DNS hijacking or poisoning to redirect the user's browser to fraudulent sites or servers. Pharming was on the increase in 2005 but has decreased slightly this year due to increased diligence of domain controls, and is therefore employed less than the phishing exploits mentioned above. Protection from pharming, however, should still be offered in a comprehensive security approach.

This was last published in November 2006

Dig Deeper on Cybersecurity risk assessment and management

All
News
Get Started
Evaluate
Manage
Problem Solve

Related Q&A from Russell Dean Vines

Security for mobile broadband

While some SMBs are not securing their mobile broadband, there is good reason to do so, even if a customer has only a small amount of data to protect. Continue Reading

Understanding smurf attacks

A smurf attack can slow down a network to the point of shutting it down completely. Learn how to understand a full-scale smurf attack and how to ... Continue Reading

What are the network security risks of streaming video?

Streaming video and audio sites are frequently visited on both home computers and work computers. Learn about streaming video security risks and what... Continue Reading

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

Meet all of our IT Channel experts

View all IT Channel questions and answers

MicroscopeUK

Huawei looking to step up UK investment

The telco firm has indicated partners here could benefit from more investment if the ongoing problems in the US continue

Nand, flash, SSDs and HDDs – what’s happening?

It is estimated that the world creates 2.5 quintillion bytes of data every day. How will storage technology cope?

Eight tips to lead your prospect from discovery to purchase

With stronger competition than ever, it can be difficult for the channel to help their teams succeed in their sales proposals – ...

SearchSecurity

ConnectWise plugin flaw exploited in ransomware attacks on MSPs

GandCrab ransomware infected several managed service providers, thanks to an old a ConnectWise manage plugin vulnerability, but a...

Can a zero-trust approach fill the security perimeter void?

With the enterprise perimeter a mere memory, how can enterprises hope to secure their mission-critical data and systems?

Key steps to put your zero-trust security plan into action

There are three key categories of vendor zero-trust products. Learn what they are, and how to evaluate and implement the one ...

SearchStorage

Compuverde helps German university consolidate storage

German university licenses more than 1 PB of Compuverde software-defined storage to consolidate an unknown number of NAS systems ...

Pure Storage all-flash gains ObjectEngine backup appliance

All-flash vendor Pure Storage provides ObjectEngine inline deduplication appliance to reduce data locally and shuttle it to S3-...

Lenovo TruScale adds twist to cloud infrastructure on demand

With TruScale Infrastructure Services, Lenovo tries to catch up with Cisco, Dell and HPE, customizing TruScale to a customer's ...

SearchNetworking

What you need to know about intent-based networks

This compilation explores five pertinent questions about intent-based networking, including those about its benefits, why ...

AI in networking presents opportunities for service providers

Network installers and managed service providers can reap key benefits with AI in networking, including better productivity, ...

SD-WAN cost savings hinge on underlying WAN technologies

SD-WAN marketing almost always mentions the benefit of cost savings. Cut through the hype and discover how SD-WAN works with MPLS...

SearchCloudComputing

A beginner's guide to cloud-native application development

Cloud-native applications have become ubiquitous in IT environments. Learn what it takes to create cloud-native apps and which ...

Automation drives next wave of multi-cloud management tools

The current cloud landscape indicates a clear need for management tools that can span multiple platforms -- and they'll likely ...

Google buys Alooma to bolster its cloud data migration chops

Google Cloud will acquire Israeli startup Alooma in a bid to add to its data migration portfolio. The move follows last year's ...

SearchDataManagement

Originators form group to boost Presto SQL query engine

The Presto engine arose as an alternative to Hive for big data queries. Now, the Presto Software Foundation has formed to promote...

5 best practices for managing real-time data integration

Real-time data integration isn't like traditional data integration -- "it's moving, it's dirty and it's temporal," cautions one ...

Web integration platform eases way to machine learning models

StoryFit data scientists employ machine learning algorithms to gauge film script scenarios' prospects. They use Import.io tools ...

SearchBusinessAnalytics

Avoid turbulence when shifting to data analytics in the cloud

When migrating BI and data analytics to the cloud, factor existing analytics processes, software evaluation, data protection and ...

Upswing in cloud business intelligence spawns migration issues

More organizations are looking to run BI and analytics applications in the cloud. This handbook offers insights into moving ...

Information Builders CEO on cloud-first approach, machine learning

Information Builders' new CEO, Frank Vella, said the company's focus on cloud and machine learning will help it solidify a firm ...

Dig Deeper on Cybersecurity risk assessment and management

Related Q&A from Russell Dean Vines

Have a question for an expert?

Start the conversation

0 comments

Register

Login

Forgot your password?

Your password has been sent to:

Please create a username to comment.