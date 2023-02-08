We have been seeing a number of cyber fraud cases related to phishing links in the past few months. Scammers trick people by asking them to click on malicious link attachments and get access to their sensitive data like bank account details. However, one can prevent phishing fraud by not clicking on any suspicious links. But what if someone doesn't click on a suspicious link but still gets redirected to a malicious site while casually browsing? Well, in a recent case of cyber fraud, a software engineer was duped for more than Rs 2 lakh while he was booking travel through a website online.

A man from Maharashtra who works as a software engineer was booking a cab online to go to Nashik. To book a cab he even added his information on the travel agency website and initiated the payment. However, the booking failed due to a technical glitch on the website.

"The complainant had furnished his details to the agency in an email on the website of the travel agency but failed to book the cab due to a technical glitch," said a police officer quoting the complaint to Times of India.

After a while, the software engineer received a call from a man who introduced him as Rajat and identified himself as an employee of the same travel agency.The employee further assured the victim to help him with his booking for a cab. Taking further the booking process, he asked the victim to make a payment of Rs 100 on the travel website again and said that the rest of the payment could be paid after the trip.

However, when the victim again tried to make the payment, the website again faced a technical glitch. In the end the victim left the booking as it is without taking the booking process further. But to his horror, a few hours later, he received back-to-back transaction messages from his bank notifying him about a sum of more than Rs 2 lakh being debited from his account.

"At midnight, he received a message in his mobile that a sum of Rs 81,400, Rs 71,085, and Rs 1.42 lakh had been debited from credit card accounts. Immediately upon realising that there was something wrong he contacted the customer care of the banks and asked them to block the credit cards," the police further quoted in the complaint.

While the quick response to contact customer care helped the victim bring back his Rs 71,085 he still lost the remaining amount of Rs 2.2 lakh to scammers in cyber fraud. While the case is under investigation, it did spark a question about how the software engineer got duped.

Well, the above-reported case seems to be a case of pharming. Pharming is a type of cyber attack where hackers manipulate a website or a computer's DNS (Domain Name System) server to redirect users directly to a fake or malicious website even if a user types the correct URL.

That means that even if someone doesn't click on a phishing link and searches through a real website, they can be redirected to a fake one without them realising. Hackers then trick people through these fake websites and make them enter sensitive information like passwords, credit card numbers, or other confidential data. Similar to what happened to the above-reported case where the victim initiated the payment but the website showed a glitch.

How dangerous are pharming cyber attacks

Pharming attacks can be more dangerous than phishing attacks because they don't require any action from the user. For example, if you receive a bank SMS or notification you can ignore it and not fall for it. However, in pharming, you will not realise you've been redirected to a fake website because the URL in the address bar seems legit.

How to prevent pharming attacks

So to protect against pharming cyber attacks, it is important to keep your system software up-to-date. It is also advised to use security solutions to prevent your systems from any virus or maliciousness. Additionally, avoid downloading suspicious attachments or clicking on suspicious links and regularly check financial statements to keep track of any unauthorised transactions. Also backing up your important data regularly is highly advisable.