Glossary
What is pharming?
Pharming is an attack that silently redirects users from a legitimate website to a fake one — even when they type the correct address — by poisoning DNS records or a device's host file. Victims then enter credentials or payment details on the attacker's copy.
How pharming differs from phishing
Phishing lures you into clicking a malicious link. Pharming needs no click — it manipulates the systems that translate a web address into a server, so even a correctly typed URL can land on a fake site.
Because there's no obvious lure, pharming can be harder to spot than ordinary phishing.
How pharming works
Attackers either compromise DNS servers (DNS poisoning) or alter a device's local host file, often via malware, so requests for a real domain resolve to the attacker's server.
How to prevent pharming
- Look for HTTPS and a valid certificate, and watch for site changes or warnings.
- Keep devices malware-free and DNS settings trusted.
- Use reputable DNS providers and enable protections like DNSSEC where possible.
- Enable MFA so stolen passwords alone aren't enough.
How HookPhish helps
HookPhish helps with the human and brand side of fake-site attacks — training people to verify sites and monitoring for the lookalike domains attackers stand up.
Frequently asked questions
What's the difference between pharming and phishing?+
Phishing tricks you into clicking a malicious link; pharming redirects you to a fake site without a click by poisoning DNS or host files.
How can I tell if I've been pharmed?+
Watch for certificate warnings, subtle site changes, or a familiar address behaving oddly. Keep devices clean and use trusted DNS.
Does MFA help against pharming?+
Yes. Even if you land on a fake site, MFA makes a stolen password much less useful to an attacker.
Security training designed for people. Built for enterprise.
Learn how HookPhish can effortlessly transform your security program and reduce your human cyber-risk.
Fill out the form to schedule a 30-minute chat with a product expert. We'll discuss the challenges you want to solve, walk through HookPhish, and answer any questions.
Book a personalized demo
Looking to become a partner? Use this form instead.