Pharming Scams: Redirected, Deceived, and Robbed......by Gurjot Singh Kaler

Not all online scams start with a suspicious link or phone call. Some begin when you do everything right—enter the correct web address, everything looks normal—the logo, the layout, even the security padlock in the corner, you hit enter, and the site loads, looking exactly like your bank’s website.

But what if I told you that despite all this, you’re not actually on your bank’s site? You’ve been redirected to a fake version designed by cybercriminals to steal your personal information—without you clicking on anything suspicious. But before you realise it, your money is gone—quietly transferred in the background.

No alerts, no popups, no chance to stop it. This is the world of pharming—a stealthy and deceptive cybercrime that catches even the most tech-aware off guard.While phishing tricks you into clicking, pharming silently drags you into the trap.

India’s shift to digital services has been rapid, but awareness hasn’t kept up. Many users still rely on outdated routers, weak passwords, or unsecured Wi-Fi. Few understand how DNS works.

These gaps make pharming easier—one weak spot can silently divert thousands to fake websites. Pharming is a cyber-attack technique where criminals quietly reroute your internet traffic from a genuine website to a fake one—often without you knowing it.

These counterfeit websites are made to look exactly like the real thing, so victims often enter passwords, personal details, or financial data thinking they’re in safe hands. In some cases, the fake sites even plant harmful software (malware) onto your device for longer-term access.

Most pharming attacks follow a two-step strategy. First, the attacker either infects your device with malicious software or tampers with the servers that connect you to websites online.

Then, when you try to visit a legitimate website—like your email service or bank—you’re secretly redirected to a clone designed to steal your data. Unlike phishing, which relies on luring you into clicking shady links, pharming works in the background.

You can follow all the right steps and still get duped. That’s what makes it so sinister. So, in the case of Pharming, even after typing in the correct internet address of a website, the user still gets redirected to a fake site.

Pharming often works in the background, making it hard to catch. But there are warning signs you shouldn’t ignore:

• Familiar websites suddenly look odd—different colours, logos, or layout: Be wary if the site looks a little strange—maybe the logo is blurred, colours are off, or the text contains unusual spelling errors. These subtle cues often hint that you’re not on the genuine site.
• The site address shows HTTP instead of HTTPS : If a website address begins with http instead of https, that’s a red flag. The 's' stands for secure, indicating that the site is using encryption to protect your data. A padlock icon in the browser’s address bar indicates that the site uses a security certificate. You can click on it to view details about the certificate and check if it’s valid. Some antivirus software can do this for you automatically and alert you if anything looks suspicious.
• Your browser gives security certificate errors: Secure websites possess Secure Sockets Layer (SSL) certificate which is a kind of digital file which ensures to authenticate a website’s identity and facilitates secure, encrypted communication between a web server and a browser. Look for ‘HTTPS’ and a padlock icon in the address bar to ensure that you are surfing a secure website. If there is a security error, proceed ahead with caution.
• Frequent connection issues or slowdowns: If you’re asked to enter OTPs or card details multiple times, it might be a warning sign.
• Strange activity in your accounts—like unknown bank transactions. If You suddenly start getting alerts for unknown logins or transactions, it is better to check with the bank authorities.
•  

If you notice any of these, disconnect with the internet, stop and double-check before entering any sensitive information.

What to Do If You’ve Fallen Victim to Pharming

If you realise you've entered sensitive details on a fake website, don’t panic—but act quickly. Here’s how to take control:

• Change your passwords right away, especially for your email, banking, and any linked accounts.
• Inform your bank or digital wallet provider and ask them to temporarily freeze your transactions to prevent further loss.
• Clear your DNS cache to remove any malicious redirects. A quick online search can guide you based on your device.
• Run a full antivirus scan to check for malware or unwanted changes to your system.
• Check your Wi-Fi router’s DNS settings. If anything looks unfamiliar or suspicious, reset the router to its default factory settings.
• Report the incident immediately at cybercrime.gov.in or by calling the helpline at 1930. Prompt reporting increases the chance of recovering your money or catching the scammer. Being alert and acting fast can limit the damage and help authorities investigate further.

How to Guard Yourself Against Pharming

Pharming can be difficult to detect, but there are simple and effective ways to reduce your risk of becoming a victim:

1. Use a Reliable DNS Provider
2. Most people use the default DNS provided by their internet service provider. But there are more secure options like Google DNS or Cloudflare, which offer built-in protections against DNS tampering.
3. Install and Update Antivirus Software
4. A good antivirus program isn’t just for removing viruses—it also detects DNS tampering, spyware, and other pharming tools. Make sure it’s regularly updated. A trusted antivirus program can block malware and unauthorised changes to your system. While it can’t stop DNS server attacks, it helps prevent host-based pharming attempts.
5. Don’t Click on Suspicious Links
6. Even though pharming can occur without phishing, many attacks still begin with an initial email or fake website link. Be cautious with messages from unknown sources. Even if the page looks genuine, always double-check the URL spelling, the presence of HTTPS, and the site’s security certificate.
7. Enable Two-Factor Authentication (2FA) or Multi Factor Authentication (MFA)
8. This adds an extra layer of security. Even if someone steals your password, they’ll need a second code—usually sent to your phone—to access your account. Thus, MFA adds an extra step when logging into accounts. Even if your password is compromised, your data stays protected.
9. Secure your Wi-Fi network by changing Default Router Passwords
10. Many routers come with factory-set usernames and passwords that are easy to guess. Changing these can help block unauthorized access to your home network. Change your router’s default password and choose a reliable internet provider. Weak Wi-Fi security can open the door to DNS hijacking. Avoid conducting financial transactions or logging into sensitive accounts using public Wi-Fi in airports, cafes, or hotels. If you must, use a Virtual Private Network (VPN). A VPN masks your IP address and encrypts your connection, making it harder for hackers to access your data—even if the DNS is compromised. Choose a VPN that uses trusted DNS servers for added protection.
11. Use a password manager
12. It securely stores your login details and only fills them on genuine websites. If you land on a fake site, it won’t auto-fill your credentials—offering an invisible line of defence.
13.  
14. Keep your system updated
15. Always install the latest updates for your operating system and apps from trusted sources. These updates often fix vulnerabilities that attackers can exploit. Clear your browser cache regularly. Stored website data can be misused if you switch networks, especially on shared or public connections. It’s a simple step that helps protect your browsing activity.
16. Be cautious on social media
17. Avoid sharing personal details like birthdays, addresses, or phone numbers online. Criminals use this information to make scams feel more believable.
18. Limit Administrator Access
19. To reduce the risk of attackers tampering with your system files, avoid using administrator privileges for daily tasks. Set up a separate user account with limited access. This helps block unauthorised changes to critical files like the host file.
20. Educate Your Circle: Talk to your parents, children, and colleagues. Most people fall victim to pharming because no one told them such an attack exists.

While no system is completely immune to cybercrime, staying alert and thinking critically online remains your best defence—just as it is in the real world.

Not every cyber threat announces itself. Some hide deep in the background—within the code, the connections, the systems we trust. Pharming is one of those quiet threats.

The first step to staying safe starts at home—with your Wi-Fi, your router, browser, and your awareness. Stay cautious. Stay informed. 

April 9, 2025