Pharming
Redirecting your browser to a fake website even when you type the correct web address, by poisoning DNS records or manipulating router settings.
Also known as: DNS hijacking, DNS poisoning
Last reviewed: 1 June 2026
Pharming attacks the connection between a domain name and its IP address. When you type 'yourbank.com', your computer asks a DNS (Domain Name System) server to translate that name into an IP address. If that translation has been tampered with — either on the DNS server itself (DNS poisoning) or on your home router — you are silently sent to an attacker's fake site instead.
Because you typed the correct address and see what looks like the right site, pharming is harder to spot than ordinary phishing. Warning signs include a missing or invalid HTTPS padlock, subtle visual differences, or being asked for information the real site never requests.
Pharming is less common than phishing but more dangerous per attack because the victim has taken seemingly safe precautions. Keeping routers firmware-updated, using reputable DNS resolvers, and always checking the HTTPS certificate reduces risk.