This page covers pharming in AQA GCSE Computer Science as part of the cyber security threats content in section 3.6.2. Teachers need students to understand what pharming is, how it redirects users to fake websites, and why it is a serious security risk rather than just “another phishing question in disguise”. This guide keeps the focus tight to the specification so you can teach the topic clearly, spot weak understanding quickly, and mark responses with confidence.
Students often remember that pharming leads to a fake website, but they are less secure on how the redirection happens and how it differs from nearby ideas such as phishing, malware, and hacking more broadly. The sections below are designed to help with exactly that.
At a Glance
🧭 Specification context
AQA GCSE Computer Science, 3.6.2 Cyber security threats
Students must understand pharming as a named cyber security threat
What students must know
Pharming redirects traffic from a genuine website to a fake website
The fake site is designed to look legitimate
The goal is usually to steal data such as usernames, passwords, or bank details
Redirection can happen because technical systems such as DNS have been compromised
Key exam focus
Define pharming accurately
Explain how the attack works in clear steps
Distinguish it from phishing
Apply the idea to a real scenario in a short answer
Common student challenges
Confusing pharming with phishing emails
Describing it as “a virus” with no redirect element
Forgetting that the user is taken to a fake website
Understanding the Topic
Pharming is a cyber attack in which a user is redirected from a real website to a fake website. The fake website is made to look genuine so that the user enters personal details without realising anything is wrong.
For AQA GCSE Computer Science, the crucial idea is the redirection of web traffic. A good student answer does not need a deep technical essay on internet infrastructure, but it should make clear that the user attempts to visit a legitimate site and is sent somewhere fraudulent instead.
What teachers should emphasise
- The user may believe they are visiting a trusted website
- The fake website copies the look and branding of the real one
- The attacker wants to capture valuable data
- Pharming is dangerous because it can trick careful users, not just careless ones
Where this fits in the specification
Pharming sits inside cyber security threats alongside:
- social engineering techniques
- malicious code (malware)
- weak and default passwords
- misconfigured access rights
- removable media
- unpatched or outdated software
That means students should understand pharming as one threat among several, and should be ready to compare it with other threats in short exam responses.
🎯 Exam technique
If a question asks about pharming, students should use the word redirect or an equally precise phrase such as sent to a fake website instead of the real one. That precision often separates a full answer from a vague one.
Pharming vs phishing
Students regularly blur these together, so it helps to teach the contrast directly:
| Threat | What happens | What students should notice |
|---|---|---|
| Pharming | User is redirected to a fake website | The key feature is the fake site and redirected traffic |
| Phishing | User is tricked into giving information, often through a fake email or message | The key feature is the deceptive communication |
Key Terms and Concepts
| Term | Explanation |
|---|---|
| Pharming | A cyber attack that redirects a user from a genuine website to a fake one |
| Redirect | To send a user or web request to a different destination than intended |
| Fake website | A fraudulent website designed to look like a real, trusted site |
| Credentials | Login details such as usernames and passwords |
| DNS | The domain name system, which helps match website names to IP addresses |
| Traffic | The flow of data between users and websites |
| Cyber security threat | A risk to computer systems or data that may lead to theft, damage, disruption, or unauthorised access |
How to Teach This Topic
A simple teaching sequence
- Start with the familiar idea of visiting a bank or shopping website
- Ask students what could happen if the site only looked genuine
- Introduce pharming as redirection to a fake website
- Compare it immediately with phishing so the terms do not merge into one blurry cyber blob
- Practise turning a scenario into a precise exam answer
Teaching moves
- Use a short scenario with a trusted website, a redirect, and stolen login details
- Model the definition in one sentence, then expand it into two or three steps
- Ask students to underline the words that make an answer specifically about pharming
- Use retrieval questions that contrast pharming with phishing and malware
What to listen for
- “Redirected to a fake site”
- “Looks like the real website”
- “Used to steal login details or personal data”
- Not just “it hacks the computer”
Discussion prompts
- Why might a fake website still fool a cautious user?
- Why is pharming a security threat even if the user chooses the correct website address?
- Why is “fake website” more important than “email” when defining pharming?
Scaffolding ideas
- Give students a sentence starter: Pharming is a cyber attack where...
- Provide mixed examples and ask students to label each as pharming, phishing, or malware
- Use dual coding with a simple diagram showing: user → intended website → redirected fake website
Extension tasks
- Ask students to explain why DNS compromise can enable pharming
- Give students a weak answer and ask them to improve it to full-mark standard
- Compare how pharming and phishing both aim to steal data but use different methods
🧑🏫 Teacher tip
If students keep writing “pharming is when you get a fake email”, stop and reteach the distinction immediately. It is much easier to fix on lesson one than during a mock when the whole class suddenly develops the same very creative misconception.
How to Mark This Topic Effectively
What strong answers usually contain
- A clear definition of pharming
- Explicit mention of redirection
- Reference to a fake website that appears genuine
- The consequence that data can be stolen
- Accurate distinction from phishing when needed
What examiners are likely to reward
| Feature in the answer | Why it matters |
|---|---|
| Uses the term redirect correctly | Shows secure understanding of the mechanism |
| Mentions a fake or fraudulent website | Shows the student knows the defining feature of pharming |
| Links the attack to stolen details | Shows understanding of the purpose and consequence |
| Separates pharming from phishing | Shows accurate classification of threats |
Common marking problems
- Students write about phishing emails only
- Students say “a hacker gets into the system” without explaining the fake website
- Students describe malware infecting a device rather than redirected traffic
- Students give consequences without naming the actual threat correctly
Distinguishing weak and strong responses
| Weak response | Stronger response |
|---|---|
| “It is when criminals try to steal your details online.” | “Pharming redirects a user from a genuine website to a fake website that looks real so their details can be stolen.” |
| “It is a type of phishing email.” | “Unlike phishing, pharming focuses on redirecting traffic to a fake site.” |
✅ Marking guidance
Reward precision. If the student does not mention the fake website or the redirection, the answer is usually too vague for top credit, even if the general idea of stealing data is present.
Example Student Responses
Example question
Question (4 marks): Explain what pharming is and how it can be used to steal a user’s personal information.
Indicative marking guidelines
- 1 mark for identifying pharming as a cyber attack or threat
- 1 mark for explaining that the user is redirected from a real site to a fake one
- 1 mark for recognising that the fake site appears genuine
- 1 mark for linking this to theft of data such as usernames, passwords, or bank details
Strong response
A pharming attack redirects a user from a genuine website to a fake website. The fake website is designed to look like the real one, so the user may not notice the difference. If the user enters their username, password or bank details, the attacker can steal that information.
Why this is strong
- Defines pharming accurately
- Includes the key idea of redirection
- Mentions that the fake site looks genuine
- Explains the outcome clearly
Likely mark: 4 out of 4
Weak response
Pharming is when someone sends an email to trick you into giving your password away. It is used by hackers to get into your account.
Why this is weak
- Confuses pharming with phishing
- Does not mention redirection
- Does not mention a fake website
- Gives a general consequence, but not the specific mechanism
Likely mark: 1 out of 4 at best
Practice Questions
Short retrieval
- 1 mark: Define pharming.
- Marking guidance: Expect a concise definition that includes redirection to a fake website.
- 2 marks: Give two features of a pharming attack.
- Marking guidance: Credit points such as redirected traffic, fake website, site appears genuine, data theft.
Exam-style application
- 3 marks: A student types the correct web address for an online shop but is taken to a fake copy of the site and enters their login details. Name the cyber security threat and explain why it is dangerous.
- Marking guidance: Name must be pharming. Explanation should refer to the fake site and stolen credentials.
- 4 marks: Explain one difference between pharming and phishing.
- Marking guidance: Reward answers that identify pharming as redirection to a fake site and phishing as deceptive communication such as emails or messages.
- 6 marks: Describe how a pharming attack could lead to unauthorised access to a person’s online banking account.
- Marking guidance: Strong answers explain the redirect, the fake site, the entry of credentials, and how those stolen details can later be used to access the real account.
📝 Quick classroom use
These questions work well as hinge questions, exit tickets, or a short retrieval starter before moving on to wider cyber security threats.
Common Misconceptions
- “Pharming is just another word for phishing.”
- Correction: Pharming involves redirection to a fake website. Phishing usually relies on deceptive messages.
- “Pharming only happens if the user types the wrong web address.”
- Correction: The key issue is redirection to a fake site, not simply a typing error.
- “Pharming is malware.”
- Correction: Pharming is a named threat in its own right. Malware may be involved in some attacks, but the specification focus here is the redirect to a fake website.
- “If the website looks real, it must be safe.”
- Correction: A fake site can be designed to look convincing while still collecting stolen data.
- “The main point is that the computer is damaged.”
- Correction: The main point is usually theft of information, not physical or hardware damage.
FAQ
How much technical detail do students need for AQA GCSE?
Students should understand the core idea clearly: pharming redirects traffic from a real site to a fake one. Some simple reference to DNS being compromised can strengthen teaching, but answers should not become over-technical at the expense of the main point.
Do students need to compare pharming with phishing?
Yes. Even when a question does not ask directly for a comparison, students often reveal their understanding by whether they keep these threats separate.
What is the most common reason students lose marks?
They describe a generic scam or a phishing email without mentioning redirection to a fake website.
Should I teach DNS here?
Teach it lightly and only if it helps explain the redirect. For this specification point, the secure definition of pharming matters more than an extended networking explanation.
How can I check understanding quickly?
Give students three mini-scenarios and ask them to label each as pharming, phishing, or malware, then justify the answer in one sentence.
Make marking cyber security answers quicker
The platform helps teachers review responses faster, spot when students have confused key cyber security threats, and give clearer feedback on why an answer is precise or too vague. It is especially helpful when half the class writes “pharming is a fake email” with complete confidence.