Recent Posts

Recent Blog Posts

The PhishLabs Blog

Chris Bowen

Recent Posts

Anti-Pharming 101: Countering Hosts File Pharming

Posted by Chris Bowen on Mar 11, '14

A few weeks ago, we took our first look into Pharming. We saw some basics about how it can be accomplished and detected. Let’s now take a bit of a deeper dive into the technical aspects that drive it and start talking in more detail about how we can detect and mitigate these types of attacks.

But before we discuss the details of how these attacks work, it is important to understand how a computer obtains an IP address (which is used to actually initiate a connection to a website) from the domain within a URL (such as When a Web user attempts to navigate to a site, their computer can determine an IP address by either consulting a local file of defined mappings, called a hosts file, or by consulting a DNS server on the internet.

Read More

Topics: Phishing, Fraud, Pharming

Anti-Pharming 101: What are pharming attacks?

Posted by Chris Bowen on Jan 31, '14

Pharming is a type of cyber-attack that hijacks a legitimate website’s traffic and instead directs it to a malicious web server. In many respects, pharming is similar to phishing in that it presents a victim with a page that appears to be 100% legitimate and trusted. But unlike phishing attacks, pharming attacks don’t rely on tricking a user into clicking on a malicious URL. Instead, the user navigates to the proper URL for a website (perhaps even by using the same bookmark as yesterday) and is directed to a bogus server hosted by the attacker. A page is presented that steals the user’s information – at least their account credentials – and is often not detected by a victim until information has already been compromised.

Read More

Topics: Phishing, Pharming

What's this all about?

The PhishLabs Blog is where we share our insights and thoughts on cybercrime and online fraud.

Recent Posts

Subscribe to Email Updates

Posts by Topic

see all