Certified Ethical Hacker (CEH v11) — Question 253

In both pharming and phishing attacks, an attacker can create websites that look similar to legitimate sites with the intent of collecting personal identifiable information from its victims.
What is the difference between pharming and phishing attacks?

Answer options

• A. In a pharming attack, a victim is redirected to a fake website by modifying their host configuration file or by exploiting vulnerabilities in DNS. In a phishing attack, an attacker provides the victim with a URL that is either misspelled or looks similar to the actual websites domain name
• B. In a phishing attack, a victim is redirected to a fake website by modifying their host configuration file or by exploiting vulnerabilities in DNS. In a pharming attack, an attacker provides the victim with a URL that is either misspelled or looks very similar to the actual websites domain name
• C. Both pharming and phishing attacks are purely technical and are not considered forms of social engineering
• D. Both pharming and phishing attacks are identical

Correct answer: A

Explanation

The correct answer, A, accurately describes that pharming involves redirecting victims to fake sites through DNS exploits or host file modifications, while phishing involves tricking victims with deceptive URLs. Option B incorrectly swaps the definitions, and options C and D mischaracterize the nature of these attacks, as they both involve social engineering tactics.