Red TeamingJan Kahmen3 min read

What is Pharming?

The term "pharming" refers to the attempt to fraudulently obtain personal information such as credit card details through fake websites. This involves manipulating the DNS queries of web browsers.

Table of content

What is Pharming?

Pharming is a combination of the English words "phishing" (German: ab-/fishing) and "farming" (German: ernten). It is a further development of the well-known phishing fraud method in which users' personal data is stolen and used fraudulently.

How Pharming Attacks Work

In contrast to phishing attacks, which are usually carried out via email, pharming attacks are carried out via manipulated websites. There are various methods for redirecting users who enter a web address into their browser to a fake page. On these fake pages, either dangerous malware is installed on the user's computer or an attempt is made to access personal and confidential data. These can then be used for money transactions or identity theft.

Risks due to Pharming

Pharming is particularly problematic because conventional precautions such as using bookmarks or entering the web address manually do not help. The redirection to the fake site only takes place when the user's computer establishes a connection to the website's server. To protect against pharming, professional anti-virus programs and firewalls are recommended, which issue warning messages for suspicious sites or block the connection to fraudulent sites.


To detect pharming attacks, DNS servers from different networks can be queried. If the answers match, it is unlikely that it is a pharming attack. A query of the IP address in a Whois database can also help to determine the location and blacklisting status of the provider.

For online purchases or banking transactions, it is important that the website begins with "https://", which indicates a secure connection. For a secure connection, the server must authenticate itself and exchange a certificate. The certificate must not be signed by the server itself, which is indicated by a warning from the browser. Certificates issued by a trusted certification authority are usually automatically accepted by the browser. However, many users are vulnerable because they ignore warning messages or do not take them seriously.


Pharming is a dangerous fraud method that is constantly evolving. To protect yourself against it, it is important to pay attention to suspicious warning messages and use professional security software. Awareness of potential dangers and avoiding unsecured websites can also help to protect against pharming attacks.


Curious? Convinced? Interested?

Schedule a no-obligation initial consultation with one of our sales representatives. Use the following link to select an appointment: