A type of cyber attack intended to covertly redirect users to a phishing resource owned by the attacker. Pharming works by substituting the IP address of a legitimate site by means of malware installed on the victim’s computer.

Redirection is achieved by modifying the hosts file or DNS server settings. The list of domains whose IP addresses are to be spoofed is determined by the attacker.