Running a business means that you have to mitigate risk. Whether this involves ensuring your retail store has the proper alarm systems in place, or having the right insurance – it’s an important part of business ownership that can’t be neglected. Another significant area in which you should protect your business is online.
We’ve previously covered what phishing is and ways you can prevent it from occurring. In this article, we’ll be looking at ‘pharming’ as another risk you’ll want to minimise.
Pharming
Pharming in an online practice where a URL or website is redirected to another ‘fake’ or undesirable site. It is a type of phishing scam, and one that is common for businesses. This type of attack can be detrimental for multiple reasons including:
- Redirecting your site users to dangerous or fake sites
- Halting business when your site’s URL has been hijacked
- Instilling customer concern and distrust in your business
Pharming is a tool which allows hackers to promote ‘fake’ or illegitimate products, to interrupt your business, and for identity fraud. This type of scam is referred to as ‘pharming’ because of the large-scale it tends to operate on. Similarly, pharming attacks tend to affect multiple users at once.
DNS servers and Trojans
A DNS server is responsible for converting your website URL into the IP address where your site lives. Pharming attacks are most commonly executed by poisoning the DNS server, redirecting a website to another IP address. Pharming attacks can also affect multiple users at once through using a ‘trojan’. This is usually software which is designed to appear legitimate, but is then used to access sensitive information stored on the computers of targets.
Risk minimisation
There are ways you can decrease the risk that your business will fall victim to a pharming attack. We will outline some strategies you can execute to keep your business safe in the online world below.
Use an antivirus system
Installing a reputable and secure antivirus system on your business computers will lower the risk that your business will be targeted. Doing this will prevent hackers from being able to access your servers.
Keep your servers up to date
The DNS servers which are susceptible to being poisoned are more often than not, those that are not up to date. Older servers are more vulnerable to attacks as many lack the capacity to ward off attacks.
Be careful of the software you link to your systems
Most businesses use multiple applications to run their business. Firstly, you have to be careful what systems you use. Even if these are all legitimate, you also have to be careful of how they are synced. Pharming attacks have been orchestrated by intercepting a connecting route between software platforms. If you are using any third party applications, make sure the connector to your business systems is secure.
Train your employees in pharming
Make sure your employees are well-versed in how your systems work. Consider hosting an online security training session where you can walk them through how your antivirus software works and updating your systems regularly. Further, show your employees what to look out for, so if a pharming attack occurs, it’s not long before you’re aware of it. The most important thing to keep watch of is your business’s online URL. If there’s any minor misspelling, if the site extension is incorrect, or if the protocol of your site (https) is inaccurate, then it’s likely your site is the target of a pharming attack.
Keep your customers up to date
If anything happens which compromises the security of your customers information, you should let your customers know. Your customers will appreciate being kept informed and warned that their information may have been exploited. This will foster trust with your customers. It’s also wise to make sure your website URL appears with the padlock symbol – this signifies that your website is secure. You can also keep up to date with scams in the online community by subscribing to the ACCC’s Scamwatch email update service.
Have the right policies in place
You can help protect your business by having the right policies in place. A privacy policy will inform your customers what data of theirs your site will be collecting. If a breach or pharming attack occurs, your customers will understand what information may have been compromised. You should also have website terms and conditions which will inform your customers how your site is to be used. Though these measures will not prevent a pharming attack from occurring, they will minimise the damage that can be caused by them.
Pharming is a commonly-executed activity which can wreak havoc on your business. However, if you know what to look out for and take precautionary measures, you can decrease the chances that it will happen to you.
Don’t know where to start? Contact a LawPath consultant on 1800 529 728 to learn more about customising legal documents and obtaining a fixed-fee quote from Australia’s largest legal marketplace.
