312-50V10 · Question #207
In both pharming and phishing attacks an attacker can create websites that look similar to legitimate sites with the intent of collecting personal identifiable information from its victims. What is th
The correct answer is B. In a pharming attack a victim is redirected to a fake website by modifying their host configuration. Pharming redirects victims to fraudulent sites through technical host-configuration manipulation such as DNS poisoning or hosts file modification, whereas phishing uses deceptive messages to lure users into visiting fake sites.
Question
In both pharming and phishing attacks an attacker can create websites that look similar to legitimate sites with the intent of collecting personal identifiable information from its victims. What is the difference between pharming and phishing attacks?
Options
- ABoth pharming and phishing attacks are identical.
- BIn a pharming attack a victim is redirected to a fake website by modifying their host configuration
- CIn a phishing attack a victim is redirected to a fake website by modifying their host configuration
- DBoth pharming and phishing attacks are purely technical and are not considered forms of social
How the community answered
(34 responses)- A3% (1)
- B88% (30)
- C3% (1)
- D6% (2)
Why each option
Pharming redirects victims to fraudulent sites through technical host-configuration manipulation such as DNS poisoning or hosts file modification, whereas phishing uses deceptive messages to lure users into visiting fake sites.
Pharming and phishing are distinct attack types - pharming uses technical DNS or hosts-file manipulation while phishing relies on social engineering via deceptive emails or messages.
In a pharming attack the attacker poisons DNS records or modifies the victim's local hosts file so that a legitimate domain name silently resolves to a malicious IP address. The victim types a valid URL yet is transparently delivered to a fraudulent site, requiring no deceptive link or user click error. This silent technical redirection is the defining characteristic that separates pharming from phishing.
It is pharming, not phishing, that redirects victims through host-configuration modification - phishing depends on deceptive communications to trick users into following malicious links voluntarily.
Phishing is explicitly a social engineering technique that manipulates user behavior through deceptive messages, so characterizing both attacks as purely technical is factually incorrect.
Concept tested: Difference between pharming and phishing attack vectors
Source: https://www.cisa.gov/news-events/news/avoiding-social-engineering-and-phishing-attacks
Topics
Community Discussion
No community discussion yet for this question.