Thursday, February 20, 2020
Why it is so difficult to evaluate the influence of women on Viking Essay
Why it is so difficult to evaluate the influence of women on Viking society - Essay Example The saga writers of the 13th century belonged to an oral tradition, which embraced written culture like the Holy Bible. It is characteristic of Scandinavian or Norse societies that they had never had any hierarchical form of governing. But Viking societies now had a king, who served as a ruler, and men were the dominant group in the society and the family. All these social aspects were then highlighted in epics and romance. As a result, saga writing became a political act in gender relations under this situation. The ideological view of the binary opposition formed a kind of "stereoscopic" view on women as depicted in the sagas, paying special attention to gender roles and the contexts of these performances. First, when one looks at women's representation in one of the oldest forms of Icelandic literature, the 'Gylfaginning' saga, most of the gods are represented as warriors, and are thus heroic images. This depicts the social role of males as being the 'external' heroes and proves their dominance both in the society and in their own family. Goddesses such as Frigg and Freyja usually represented marriage, motherhood, fertility, love, household management and domestic art [2]. Frigg and Freyja are the highest goddesses from the Æsir and Vanir races. In addition to their divine images, they are always seen as role models for the moral code for Viking women. Oral literature or written sagas were the major entertainment for Vikings, so the sagas worked as 'social education', developing the stereotype and the binary ideology in the Viking society. With this change and suppression of the past, there still were "strong women" in oral sagas in the Viking age.
But nevertheless women were constrained from playing the role of remembering and preserving the connection with the past, and evoking it in a way that minimizes its potential disruption of, or threat to, the present symbolic order [3]. Additionally, because of changes in political, social and religious culture, Viking women lost their power in the public sphere. That is why women in sagas have always been the subordinate group under the authority of the male in the family. As in the Laxdoela Saga, the father was the one who decided about Gudrun's first marriage to Thorvald, a man she did not love [4]. This fact shows that women were under male authority and seldom appeared in public. They were powerful in their limited private surroundings, taking care of their household and family, but still faced the binary opposition that influenced their society and the role and power of Viking women. Ultimately, it has blurred or flattened the influence of female Vikings on Viking society. To understand the social and historical function of sagas in Old Norse society, it is necessary to see how women were represented in early legislation, together with the depictions of their lives in archaeological documents. In the medieval Scandinavian culture and from my study of the sagas, Viking women were always signified and related to the household and to nurturing their family and children. We can see this from one of the oldest sagas in Northman Literature, the Saga
Wednesday, February 5, 2020
Nature and culture Essay Example | Topics and Well Written Essays - 1000 words
Nature and culture - Essay Example Considering the various sociological perspectives that can be taken with regard to nature and culture, two stand out from amongst the others. These are the structural functionalist perspective and the conflict perspective both of which consider nature and culture in very different lights. To better understand how they differ and the distinctions made by them with regard to nature and culture it would be useful to examine them individually. First, structural functionalism is founded on the idea that society is composed of structures that are supposed to perform a certain function. In essence, both nature and culture are social structures but culture is more of a social construct than nature (McClelland, 2000). For instance, if a culture is connected deeply to the principles of monogamy it is entirely possible that the cultural elements of the society would lead to the government outlawing polygamy. On the other hand, some cultures may permit polygamy or even polyandry and thus the socially constructed laws in that country may give individuals the permission to create families in that manner. However, the functionalist perspective would suggest that the role of the family unit in both cultures could be more or less the same and the role is not solely dependent on the way in which the family is formed. Therefore, the role of culture in the functionalist perspective would be understood by examining the function performed by culture for a given society. The role of nature becomes something which deals with the individual and the skin bound individual may not be included in the debate on the functions of culture for society. However, the nature of the individual may function quite importantly for a person who interacts with society and thus his/her own nature may cause her to seek out groups which form a sub-culture in the larger culture. On the other hand, the conflict
Monday, January 27, 2020
Thoreaus Where Lived And What Lived For Philosophy Essay
Take a moment and think for a few seconds about what you have done on your typical day. The majority of us would say we normally rush through our typical daily tasks, or what not, trying to get those accomplished one by one, as much as we could, in a given time. Tasks may differ for each person of different ages, positions, classes or even lifestyles. But those things give us one common thing, a nature of what we call the chaotic. Then, at the end of the day, we are exhausted with stress from the chaos and routines of the day. Very often, we don't have time, or perhaps lack the willingness, to spend time with our loved ones and do things we are passionate about. In the essay "Where I Lived and What I Lived For," Henry David Thoreau's [1817-1862] expression appeals to me of the importance and value of living the simple life nature affords, which I believe is as necessary now as it was back in his time. I support Thoreau's philosophy and idea of living a simpler life, where one can enjoy each and every activity, where one is content rather than rushing to finish his or her daily chaos. I found Thoreau's writing style complex and hard to understand throughout that essay. It has at least 3 to 4 commas in each sentence, which makes it harder for me to follow all the way through. It seems like Thoreau packed his sentences with as much information and as many words as he could until, as if, they were overflowing from the page. But after reading it a few times, I think I was able to take hold of the basic argument he is trying to make. I discovered Thoreau's "Where I Lived and What I Lived For" made a very compelling argument for his going to live in the woods. Many examples have supported his beliefs in that essay. The essay opens with Thoreau seemingly stating his purpose for moving to a cabin on Walden Pond. He is claiming the woods to be a supercilious place to live close to life.
Throughout his essay, he simplified life to as small a form as he possibly could. I consent with his argument about simplifying life and cutting off the things that are not essential and the routines that we have in our daily life. Thoreau moves to the woods so as "to drive life into a corner, and reduce it to its lowest terms," and the fact is that he wanted "to live deep and suck out all the marrow of life" (Natural Acts 33). Perhaps, even in this recession period, at some point every year we could isolate ourselves, get relief from all the stress we have carried throughout the year and make our life simpler surrounded by nature. But it might only work for those who make the time and have the time; others might not be able to dream about it. His respect for nature and desire to live as simply as nature is almost religious, to "glorify God and enjoy him forever" (Natural Acts 33). Although Thoreau is uncertain as to whether the world was made by God or the devil, he wants to live his life as intensely as possible. "Let us spend one day as deliberately as Nature…" Thoreau's interpretation of nature is one of admiration, adoration and value (33). But that is only the way he sees nature; not everyone could agree with him, not even the writers who write about nature. Joyce Carol Oates's [b. 1938] expression toward nature in her essay "Against Nature" (Natural Acts 42), that the subject is there only by the grace of the author's language, suggests that we do not need to rely on our senses but rely only on language for our understanding of our surroundings (45). If on all sides of her was random, wayward, nameless motion, she would not even know that herself: we are all the product of Mother Nature. Meaninglessness cannot produce meaning itself. Her belief that Nature is mouth, or may be a single mouth, ignores the privileges of birth and the existence of death (46).
The two authors have the same vision on that; Thoreau also states, "when I came to die, discover that I had not lived." Nonetheless, I found that they both have a deep philosophical concern about the meaning of life in their essays. Thoreau is pretty much correct in the sense that he makes us out to be robotic, going about our day in a tedious way. Mostly, we all have our own routines that we have followed through a big part of our life and that we hate to change. Throughout the reading of his essay, the only thing I don't completely understand was the part about the train, sleepers and people that line the track, or are buried under the track: "if some have the pleasure of riding on a rail, others have the misfortune to be ridden upon." To the best of my knowledge, at the time he wrote this (1854), he means the people who were wealthy enough to ride on the new trains on the new tracks that were traveling all over the country, and the people who couldn't afford it and had to build the rail tracks for their living. But I don't know the relationship between this and simplifying our lives, so maybe I still don't understand what he is trying to say. In conclusion, the description of Thoreau's search for eternal truth is perhaps his finest poetry. Life means not just physical functioning but also eternal fulfillment inside. "Where I Lived and What I Lived For" portrays nature as the simple way of life. Henry David Thoreau has a main goal, to reverse the blindness of humanity to nature. People strive day to day to obtain the most wealth, the most food, the most of everything. Many of us found that, as we grew older, it is not essentially more money or fame or power that makes our lives happier. Oftentimes it is the simple things we can do in our lives that lead to achieving great happiness in life.
Sunday, January 19, 2020
John Fitzgerald Kennedy - JFK Essay -- President Kennedy
John Fitzgerald Kennedy - JFK John Fitzgerald Kennedy was born in Brookline, Massachusetts, on May 29, 1917, the second son of financier Joseph P. Kennedy, who served as ambassador to Great Britain during the administration of Franklin D. Roosevelt. He graduated from Harvard University in 1940, winning note with the publication of Why England Slept, an expansion of his senior thesis on Britain's lack of preparedness for World War II. His part in the war was distinguished by bravery. In August 1943, as commander of the U.S. Navy torpedo boat PT-109, he rescued several crewmen after a Japanese destroyer off the Solomon Islands rammed the boat. His heroic rescue of survivors of his crew won him the Navy and Marine Corps Medal as well as the Purple Heart. In 1953 he married Jacqueline Lee Bouvier, daughter of a wealthy Wall Street broker; they had two children, Caroline and JFK Jr. In 1946, with the enthusiastic help of his brothers and sisters, he won the Democratic nomination to the House of Representatives in the eleventh district of Massachusetts. His mother and sisters organized teas at the homes of voters, while his father furnished campaign funds. He won the election and as Congressman voted for Truman's welfare programs, including expanded social security benefits, aid to veterans, and old-age benefits. In 1952, Kennedy upset the veteran Republican Senator Henry Cabot Lodge by winning his seat in the US Senate. He and his family began working tirelessly for his presidential nomination as early as 1956. In 1956 Kennedy almost gained the Democratic nomination for Vice President, and four years later was a first-ballot nominee for President. Millions watched his four television debates with the Republican candidate and current Vice President, Richard M. Nixon. Winning by a narrow margin in the popular vote, Kennedy became the first Roman Catholic President.
His Inaugural address offered the memorable injunction: "Ask not what your country can do for you--ask what you can do for your country." As President, he set out to redeem his campaign pledge to get America moving again. His economic programs launched the country on its longest sustained expansion since World War II; before his death, he laid plans for a massive assault on persisting pockets of privation and poverty. This plan was named the New Frontier; his ideas were used for years to come. Ke... ... "of landing a man on the moon and returning him safely to earth" The space program fascinated the American people. In the early 1960s, whenever space flights were launched during school hours, students would gather in gyms and auditoriums to watch the lift-offs on television. The race to the moon continued through the 1960s. It was one of the nation's single most expensive projects of the decade, costing $56 billion. On November 22, at 12:30 PM CST, while riding in an open limousine through Dallas, Texas, Kennedy was shot in the head and neck by a sniper. He was rushed to Parkland Memorial Hospital, where efforts to revive him failed. A commission headed by Chief Justice Earl Warren concluded in September 1964 that the sole assassin was Lee Harvey Oswald, a former U.S. Marine. Oswald, who was captured hours after the assassination in a nearby theater, was himself killed two days later by Dallas nightclub owner Jack Ruby while being moved from the city to the county jail. The state funeral of President Kennedy was watched on television by millions around the world. He was buried in Arlington National Cemetery. To this day JFK is still considered one of the nation's best presidents.
Saturday, January 11, 2020
Morality vs Duty Essay
When we hear stories about soldiers and about war, it's usually about patriotism for one's country, their duty, the bravery of the soldier who died in battle, and the pride at a soldier's return. The story that is not typically heard is what it really feels like to put on a uniform, go to war, and come home. The psychological and emotional trauma these young men and women face in war is nothing short of moral anguish. This is evident in Haruki Murakami's gruesome story, "Another Way to Die." Here is a lieutenant struggling with the barbaric orders he was given to execute three prisoners with a bayonet and a fourth prisoner with a baseball bat. Throughout the story the lieutenant would often repeat his orders and muse over the senselessness of the act. In sum, he says, "What the hell good is it going to do to kill these guys? …adding a few bodies to the count isn't going to make any difference. But orders are orders. I am a soldier and I have to follow orders" (1039). Ultimately, the lieutenant employs another soldier to execute the final prisoner with a baseball bat. Perhaps this is an example of the lieutenant's inability to go against his moral fiber. He does his duty by making sure the order is carried out, but he cannot do it himself. As one can only imagine, it can be difficult to bludgeon someone to death. This soldier, ordered to carry out the task, had never even held a baseball bat before. Yet, they were all surprised when the prisoner, "with his last drop of life," sat up, "as if he had fully come awake" and then grabbed on to the veterinarian standing nearby (1041). The lieutenant had to fire his gun for the first time ever at a human being. However, he chose not to think about it until after the war was over. How could he? Certainly he wouldn't be able to do his duty if he let his morals get in the way.
In Frank O'Connor's story, "Guests of a Nation," one can assume that duty would become obsolete, especially since the prisoners and captors had become friends. The tone of this story seems hopeful. The scene is in a cozy little cottage run by an odd, but likable old woman. The characters are all cheerful and friendly towards each other. It is difficult to keep in mind that there is a war going on and that these four are enemies. Even the narrator, Bonaparte, has a hard time believing they are hostages and is surprised and saddened when he learns that he may have to shoot them (1024-1025). Hawkins, the more animated hostage, has a hard time believing it as well. It's not until the very last moment that he realizes they're earnest. He says to Donovan, "What have you against me, Jeremiah Donovan?" (1027). That he knows his full name and it comes naturally to say it aloud should be enough proof that these men are not enemies. Hawkins asks if anyone thought he would shoot Noble if he had to and Donovan points out, "yes, you would…. Because you'd know that you would be shot for not doing it." Regardless, Hawkins insists he would never shoot a pal. Hawkins contends that his morals are higher than his duty. But then again, he's not the one holding the gun. Bonaparte, keenly aware of the gun in his pocket, wishes they would attempt to run away, knowing he wouldn't shoot at them if they did (1027). Donovan, their leader, never did get too close to the hostages and seemed to have no problem firing at them. His sense of duty was high. He asks Belcher if he understands that they are only doing their duty, to which Belcher remarks, "I never could make out what duty was myself. I think you're all good lads, if that's what you mean. I'm not complaining" (1029). I'm not actually that sure Belcher would have shot either of them if the roles were reversed. It is difficult enough to cope with the loss of a friend.
One can only imagine if you were the one ordered to kill your friend. How does one come out of something like that? Noble turned to God. Bonaparte never feels the same about anything again. Surely this is not something that they will easily move past. Think about it; all our lives we're taught what is right and what is wrong. Then, one day, you are ordered to torture or kill a stranger. Even when they're interrogating a prisoner the right way (that is, not torturing them), they are gaining intimacy just so they can exploit them. At what point does duty beat morality? The truth is, for most soldiers, it doesn't. Despite the task they are ordered to execute, virtually every soldier has an overwhelming sense of guilt and regret. Is a soldier's guilt worth their sense of duty in the end? I highly doubt it. Perhaps this is the reason those stories are often swept under the rug. The shame is too much to admit out loud.
Friday, January 3, 2020
The Journey Of Taking Film - 986 Words
The journey of taking Film 1 has been very eye opening when it comes to analyzing film. I myself have always been a very harsh movie critic; however, through taking Film I have been exposed to many different art styles of film, resulting in me being more appreciative of different genres of film. Although my knowledge and criticism of films have matured throughout taking this course, there is still one director that I find to be a level above the rest. Knowing Tarantino has worked on a film, the audience can rest assured that they will be in for a treat. Quentin Tarantino has consistently proven that he is in the top echelon of film making. Spanning from the start of his directing career to now, Tarantino has released the highest tier of films to date: films like Pulp Fiction, Reservoir Dogs, Django Unchained, and my personal favorite, Kill Bill 1 and 2. Taking a closer look at Kill Bill Vol 1 and Vol 2, it becomes apparent how amazing a film director Quentin Tarantino truly is. First of all, Tarantino had never filmed or worked on a martial arts film before, so Tarantino learned as he filmed the movie. Although he did his research and talked to his peers, Tarantino ended up shooting scenes over and over again to get every little detail correct. Tarantino has utilized many cinematography techniques. The fact that Tarantino stepped out of his comfort zone is unheard of for a director, and on top of that to film a masterpiece as well is absolutely remarkable. Those leaps
Thursday, December 26, 2019
Online transaction - Free Essay Example
Sample details: Pages: 31, Words: 9221, Downloads: 5, Date added: 2017/06/26, Category: Statistics Essay
1.0 Introduction
Years ago, consumers needed to step out of the house to buy groceries, settle bills, make transactions and carry out other daily activities. Nowadays, consumers can simply sit in front of a computer with an internet connection and complete all of those daily activities with the help of online transactions. Online transactions become more advanced day by day, but this is accompanied by increasingly prevalent and sophisticated internet fraud. Phishing and pharming are the two most famous internet frauds. This report discusses these two frauds in detail. The topics discussed in this report include the history of phishing and pharming, methods of phishing and pharming attacks, the impacts caused by phishing and pharming, and solutions to phishing and pharming. For this report, the problem is approached from a practical standpoint via the internet. The materials obtained from the internet are the results of experiments and investigations by others. This report is written for users of online transactions, in the hope that it will give them a clear message about what phishing and pharming actually are, the impacts they cause and the solutions to them.
Teoh Khai Zihh, Bolton ID: 0711161. Phishing and Pharming: What is happening in this area, the impact of this and how can it be stopped?
1.1 History of Phishing and Pharming
The term phishing was coined in 1996, when America Online (AOL) accounts were being stolen by attackers using email. The term was derived from the concept of a fishing hook, with the attackers using email to lure out users' AOL passwords. The character "f" of fishing was then replaced by "ph" to keep it compatible with the computer hackers' tradition. Phishing works by using social engineering to lure consumers into divulging their sensitive personal information at fraudulent websites, known as spoofed sites, or by sending email, through instant messaging (IM), Peer to Peer (P2P) networks, search engines, etc. Pharming is the evolution of phishing. It is also used to solicit consumers' sensitive personal information, by technical subterfuge such as sending email containing viruses or a Trojan horse that installs a small application program on the targeted victim's computer. The application program redirects the user to a fraudulent website when they visit an authentic official website. Besides this, attackers also use well-known traditional techniques such as DNS cache poisoning, domain spoofing and other techniques to redirect users to the fraudulent website when they want to visit an authentic website.
2.0 What is Phishing Attack
Phishing is the criminal and fraudulent luring of consumers into divulging their sensitive personal information, such as credit card numbers, account usernames, passwords, PIN numbers, mother's maiden name and other personal information, through social engineering such as sending email containing a link, downloading and installing a keylogger on the victim's computer, or creating a look-alike web interface and domain name that is hard for victims to tell apart from the real one.
2.1 Techniques of Phishing Attack
2.1.1 Sending Email
The most popular technique used for phishing attacks is sending the targeted victims an email that contains a hyperlink to a fraudulent website, pretending that the email is sent from the hijacked brand name of a bank, e-retailer, credit card company or other online merchant. Attackers always try to convince the recipient of the email to respond by including a message that sounds plausible or a problem that is serious to the recipient, such as "there is a problem in your account's information, please verify it". When recipients click on the hyperlink included in the email, they are redirected to the fraudulent website. The website contains either a form or a pop-up screen that asks users to enter their sensitive personal details and submits them to the attacker.
2.1.1.1 Figure 1: Example of Fake Email From eBay 1
Bustathief.com What is Phishing eBay Phishing Examples [Online] Available: https://www.bustathief.com/what-is-phishing-ebay-phishing-examples/ [Accessed: 31 October 2008]

This email looks like an email sent by eBay, but it was actually sent to the recipient by an attacker. When the mouse points to the Respond Now button, it reveals the web address that the recipient will be redirected to. As we can see, the link that is revealed is https://202.5.90.139/IT/.cgi-bin/ws/ISAPIdllUPdate/ which is not a link to the authentic eBay website. When a recipient gets this type of email, they should go to their eBay account, check their private messages and see whether the email was sent by eBay.

2.1.1.2 Figure 2: Example of Fake Email From eBay 2
Bustathief.com What is Phishing eBay Phishing Examples [Online] Available: https://www.bustathief.com/what-is-phishing-ebay-phishing-examples/ [Accessed: 31 October 2008]

The email shown here, sent by attackers to the recipient, is in image format, with the image embedded into the email. No matter where on the image the recipient points, the mouse cursor changes to a hand under the computer's default settings. When the recipient clicks on the image embedded in the email, they are redirected to a website controlled by the attackers, and the sensitive information of a recipient redirected to the fraudulent webpage might be stolen.
2.1.1.3 Figure 3: Example of Masked Link

In the example shown, there is a masked web address that displays a link to a legitimate website, but when the mouse pointer points to the link, it reveals the real link that the user will be redirected to. Such links are presented as a string of cryptic numbers that is not the company's web address.

2.1.2 Keylogger

Other than sending email to the targeted victims, attackers also use instant messaging (IM), peer-to-peer (P2P) networks, exploited websites or search engines to download and install a keylogger on the user's computer. A keylogger is a type of malware used to track the user's keystrokes on a website in order to steal the sensitive information keyed in by the user.

2.1.2.1 Figure 4: Example of Keylogger Detected
SecurityFocus Sachin Shetty Introduction to Spyware Keyloggers [Online] Available: https://www.microsoft.com/protect/yourself/phishing/identify.mspx [Accessed: 01 November 2008]

The figure lists keyloggers detected using Microsoft AntiSpyware. The registry entries made by a keylogger might be in EXE or DLL format; as shown in figure 4, the keylogger files detected are bpk.exe, bpkhk.dll, bpkr.exe, bpkun.exe, bpkvw.exe and i_bpk2003.exe.

2.1.3 Create Look Alike Web Interface Domain Name

In the early years, phishing for sensitive personal information was less sophisticated: the hyperlink contained in the email was represented by an IP address like 192.168.1.25 rather than a domain name like www.banking.com. The emails sent to recipients in the early years of phishing were normally poorly written, with bad grammar, spelling errors and cheap scams.
Later, however, attackers started using HTML to code the website with a logo stolen from the authentic website, so that it looks like the authentic website and makes it hard for the user to differentiate between the authentic website and the fraudulent one. Besides this, some attackers also create a look-alike domain name that will confuse the user. For example, the character l of www.google.com is replaced by the number 1, giving www.goo1ge.com, which looks similar to www.google.com with just one character exchanged.

2.1.3.1 Figure 5: Example of Look Alike Interface

The phishing site in figure 5 uses the authentic PayPal logo, font and colors used by the authentic website. The attackers try to convince users that this is the authentic website by including the page title Random Account Verification, tabs at the top of the page, the log in link, the help link and especially the Secure Verification symbol with a lock. One thing that does give it away as a phishing site is its address, for which an IP address is used.

2.1.3.2 Chart 1: New Phishing Sites by Month Jan 2007 to Jan 2008
Anti-Phishing Working Group Phishing Activity Trends (Report for the Month of January, 2008) (Anti-Phishing Working Group) [Online] Available https://www.antiphishing.org/reports/apwg_report_jan_2008.pdf [Accessed: 10 September 2008]

There were 20,305 phishing websites detected by APWG in January 2008, a decrease of about 5,023 compared with December 2007.
In the first quarter of 2007 there were 64,555 new phishing sites, while 124,790 new phishing sites were reported in the second quarter of 2007, an increase of 60,235 compared with the first quarter. In the third quarter of 2007 there were 91,093 new phishing sites, a decrease of 33,697 compared with the second quarter. In the fourth quarter of 2007 there were 83,224 new phishing sites, 7,869 fewer than in the third quarter. Comparing January 2007 with January 2008, there were 6,916 fewer new phishing sites.

2.1.3.3 Chart 2: Hijacked Brands by Month Jan 2007 to Jan 2008
Anti-Phishing Working Group Phishing Activity Trends (Report for the Month of January, 2008) (Anti-Phishing Working Group) [Online] Available: https://www.antiphishing.org/reports/apwg_report_jan_2008.pdf [Accessed: 10 September 2008]

According to the research carried out by APWG, there was a drop in the hijacking of brands in January 2008 compared with December 2007. The number of hijacked brands dropped to 131 in January 2008, compared with 144 reported hijacked brands in December 2007. The chart shows a total of 436 hijacked brands for the first quarter of 2007. In the second quarter of 2007 there were 469 hijacked brands, an increase of 33 compared with the first quarter. In the third quarter of 2007 there were 347 hijacked brands, a decrease of 122 compared with the second quarter. In the fourth quarter of 2007 there were 442 hijacked brands, 95 more than in the third quarter. Comparing January 2007 with January 2008, there were 4 fewer hijacked brands in January 2008.
2.2 Categories of Phishing Attack

Phishing is divided into categories: deceptive phishing, malware based phishing, content injection phishing, man in the middle phishing and search engine phishing.

2.2.1 Deceptive Phishing

Deceptive phishing is performed by sending the targeted victims an email that requires the recipient to click on a hyperlink in order to respond to the action specified in the email.

2.2.2 Malware Based Phishing

Malware based phishing is done by running malware such as a keylogger, session hijacker or web Trojan on the user's computer.

2.2.3 Content Injection Phishing

In this type of phishing, malicious content is inserted into a legitimate site by exploiting a vulnerability in the server's security or by SQL injection.

2.2.4 Man In The Middle Phishing

In man in the middle phishing, the attackers need to get in between the sender and the receiver to obtain all the information and select the information that is usable to them.

2.2.5 Search Engine Phishing

In search engine phishing, the attacker needs to set up a website containing fake products and get the site indexed by the search engine. When a consumer responds to the product, the attacker receives the sensitive personal information.
2.2.6 Chart 3: Statistic of Phishing From January 2007 to January 2008
Anti-Phishing Working Group Phishing Activity Trends (Report for the Month of January, 2008) (Anti-Phishing Working Group) [Online] Available: https://www.antiphishing.org/reports/apwg_report_jan_2008.pdf [Accessed: 10 September 2008]

According to the research from the Anti Phishing Working Group (APWG), there were 29,284 phishing cases in January 2008. This is an increase of 3,601 reports compared with December 2007, when 25,683 cases were reported. In the first quarter of 2007 there were 78,393 phishing reports received, while in the second quarter of 2007 there were 75,959 phishing reports received, a decrease of 2,434 compared with the first quarter. In the third quarter of 2007 there were 88,055 phishing reports received, an increase of 12,096 compared with the second quarter. There were 85,407 phishing reports received in the fourth quarter of 2007, a decrease of 2,648 compared with the third quarter. Comparing the 29,930 phishing reports received in January 2007 with the 29,284 reported in January 2008, there was a decrease of 646 phishing reports received.
2.2.7 Chart 4: Attackers Targets Area
Anti-Phishing Working Group Phishing Activity Trends (Report for the Month of January, 2008) (Anti-Phishing Working Group) [Online] Available: https://www.antiphishing.org/reports/apwg_report_jan_2008.pdf [Accessed: 10 September 2008]

According to the chart provided by APWG, financial services are the focus of attackers: phishing on financial services is the highest, at a rate of 92.4%, compared with retail at 1.5%, ISP at 3.8% and government and miscellaneous at 2.3%.

2.2.8 Chart 5: Top 10 Phishing Sites Hosting Countries
Anti-Phishing Working Group Phishing Activity Trends (Report for the Month of January, 2008) (Anti-Phishing Working Group) [Online] Available: https://www.antiphishing.org/reports/apwg_report_jan_2008.pdf [Accessed: 10 September 2008]

According to the pie chart, the United States is the top country for hosting phishing sites, with 37.25% of all hosting countries. After the United States, the Russian Federation is the second highest phishing site hosting country with 11.66%, followed by China with 10.3%, Germany with 5.64%, Romania 5.09%, Republic of Korea 3.77%, France 3.28%, Canada 1.94%, United Kingdom 1.92% and lastly Italy with 1.59%.
3.0 What is Pharming Attack

The last topic was about the internet fraud called phishing: the sending of bogus email with a hyperlink, requiring the user to respond to the action specified in the message by clicking on the hyperlink. The hyperlink redirects the user to a fraudulent website that looks like the authentic website. Because of rising user awareness of phishing, pharming was developed and is used as one of the techniques of internet fraud to solicit the targeted victims' sensitive information. Pharming uses technical subterfuge to solicit the targeted victims' sensitive personal information, and it is more sophisticated than phishing.

3.1 Techniques of Pharming

3.1.1 Sending Email

Pharming is carried out by attackers in several ways. The attacker sends the targeted victims an email containing viruses or a Trojan horse that will download and run on the user's computer. The recipient of the email can be duped by the attackers even if they did not open or download the attachment in the email. The viruses or Trojan horse contained in the email install a small application on the recipient's computer that tries to redirect the recipient to the fraudulent website when the recipient tries to visit an authentic website.

Pharming can also be performed without sending email, using techniques such as DNS cache poisoning, domain hijacking, DNS server hijacking, and malconfiguration of the settings or rewriting of the firmware of a router.
3.1.2 DNS Cache Poisoning

DNS cache poisoning can be carried out by using malicious responses, or by taking advantage of a DNS software vulnerability, to poison the cache that stores queries made by users for a certain amount of time in order to improve the speed of response. After the cache has been poisoned, when the user makes queries to the DNS, they are redirected to the fraudulent website.

3.1.3 Domain Hijacking

Domain hijacking is performed by skipping the confirmation of the old domain registrar and the domain owner, whereas a change of domain registrar can only be made with confirmation from three parties: the domain owner, the old registrar and the new registrar.

3.1.4 DNS Server Hijacking

Pharming can also be performed through DNS server hijacking. DNS servers act as the signposts of the internet, translating domain names into IP addresses. To hijack a DNS server, the attacker first targets the DNS server on the LAN, or the DNS server hosted by the ISP, to change the IP address of an authentic website's domain name to the IP address of the fraudulent website. When the user tries to visit the authentic website, a query is made to the DNS server for the IP address of the domain name. Because the IP address of the domain name has been changed, the user is redirected to the fraudulent website. Once redirected, they perform the activities they intended to perform at the website, because the address displayed in the address bar remains the same as the authentic website's address and they think they are accessing the authentic website. Through the activities performed by the user, the attacker is able to obtain the information they wish to obtain. The websites targeted by attackers are normally those whose addresses start with HTTP rather than HTTPS, because such websites are without SSL protection.
3.1.4.4 Figure 4: How DNS Server Hijacking Works
Nilesh Chaudhari Pharming on The Net Palisade [Online] Available: https://palisade.plynt.com/issues/2006Mar/pharming/ [Accessed: 10 September 2008]

The attacker targets the DNS server on the LAN, or the DNS server hosted by the ISP, to change the IP address of an authentic website's domain name to the IP address of the fraudulent website.
The user tries to visit the authentic website.
A query is made to the DNS server for the IP address of the domain name.
The IP address returned by the DNS server is the IP address of the fraudulent website.
The user is redirected to the fraudulent website.

3.2.5 Malconfiguration of Setting or Rewrite Firmware of Router

Pharming can also be done through malconfiguration of the settings, or rewriting of the firmware, of the router. Once the settings or firmware of the router have been changed, the computers connected to the router are automatically redirected to the DNS server controlled by the attacker when they try to visit a website. This technique is used for pharming because a change to the settings or firmware of a router is hard to detect, and the malicious firmware works just as the manufacturer's firmware does. In addition, the administration page and settings of the router still remain the same.
4.0 What Impacts Caused By Phishing and Pharming

4.0.1 Lost of Financial

The rise of phishing and pharming has had a number of impacts. One of them is financial loss to both organizations and consumers. According to InternetNews.com, banks and credit card issuers lost about $1.2 Billion in 2003, while in 2004 a financial loss of about 12 Million was reported by the Association of Payment Clearing Services in the United Kingdom. Under credit card association policies, online merchants that accepted and approved transactions made using credit card numbers solicited through internet fraud may be liable for the full amount of those transactions. This may hit small organizations hard.

4.0.2 Lost of Time and Wages

The victims of phishing and pharming might need to spend time clearing up the effects of phishing and pharming on them. If the attack on the victims is discovered late, the victims might need more time to resolve the problem. This might cause the victims to lose working time and wages.

4.0.3 Undermining of Consumer Trust

Another impact caused by phishing and pharming is the undermining of consumers' trust in secured internet transactions or communication. This situation occurs because internet fraud like phishing and pharming makes consumers feel uncertain about the integrity of financial and commercial websites, even though the web address displayed in the address bar is correct. Consumer trust might also be undermined if a financial or commercial website loses the consumers' data files, or if consumers' sensitive information is accessed by attackers.

4.0.4 Law Investigation Become Harder

Phishing and pharming also have an impact on law investigation.
They make law investigation harder because the techniques used by attackers to perform phishing and pharming are more sophisticated. Nowadays, attackers can perform all of their phishing and pharming attacks from any location provided with an internet connection. With an internet connection available, they can make use of it to perform attacking activities. Those activities include controlling a computer located in one place to perform phishing and pharming attacks by using a computer located in another place. Investigation also becomes harder because of the division of attacking tasks among several people located in different locations.

4.0.5 Brand Reputation Damage

A phishing attack also causes damage to brand reputation: people's trust in a brand is reduced if they receive phishing email in the name of that brand. In addition, brand reputation might also be damaged if the brand loses its consumer data files or its consumers' sensitive information is stolen.

4.0.6 Impacts on IT Resources and Administrator

Phishing and pharming attacks might also have a serious impact on both IT resources and the administrators of those resources. Phishing email sent in large quantities might take up the free space of an email server, and this might reduce the system performance of the email server. After a phishing attack, the administrator of the IT resources might need to repair the system in order to clean it of the infection. The IT administrator might need to perform tasks such as patching the system, shutting down applications and services, filtering Transmission Control Protocol (TCP) ports and applying hotfixes. In order to reduce the chance of being attacked by phishing and pharming in the future, the IT administrator might also need to educate end users.
5.0 How to Prevent and Stop Phishing and Pharming Attacks

Phishing and pharming attacks are on the rise. People have come up with a number of ways to remediate or minimize the chance of being attacked by phishing and pharming.

5.0.1 Secured Socket Layer Certificate

First of all, on the website developer's side, an SSL (secured sockets layer) certificate can be used to protect the website by establishing the identity of the website, because an SSL certificate cannot be duplicated easily, and SSL certificates are also good at alerting users to phishing and pharming attacks. The address of a website protected by an SSL certificate begins with HTTPS rather than HTTP.

5.0.2 Visual Cues

Phishing and pharming can also be prevented by using visual cues on the authentic website, so that users can differentiate between the authentic website and the fraudulent website. The visual cue can be as simple as a symbol in a colored box. The visual cue remains the same every time the user logs into the website. Identity Cues is one of the programs that can be used to provide visual cues for a website.

5.0.3 Token Based Authentication

On the web developer's side, a technique like token based authentication can also be used to prevent phishing and pharming, because it provides a layer of security. It is suitable as a technique for preventing phishing and pharming because a time based token is hard for attackers to duplicate.
5.0.4 Switch Off Recursion Queries

Apart from using an SSL certificate or visual cues to protect the website from phishing and pharming attacks, the DNS server in use should also be secured by switching off recursive queries, so that DNS cache poisoning will not work effectively.

5.0.5 Install DNS Security Extension

DNSSEC (DNS Security Extensions) should also be installed to secure the DNS server against phishing and pharming attacks.

5.0.6 User Self Awareness

Users also play an important role in preventing phishing and pharming attacks. A user should not trust or open any email sent by an unknown sender, or email claiming to be sent by a bank that requires the recipient to respond to it, such as "verify your account". In addition, when a user visits a website with SSL certificate protection and a message is displayed saying "your exchange with this site cannot be viewed or changed by others. However, there is a problem with the site's security certificate", the user should confirm whether the website gave this message on earlier visits, or check the web address in the address bar to make sure it is the same as the site they want to access. This message is normally displayed when the server's SSL certificate does not match the website's URL. Users can also look for the lock or key icon at the bottom of the browser, which shows that the site where they want to enter their sensitive personal information is locked.

5.0.7 Install Security Suite

A security suite or firewall should also be installed on the user's computer to protect it against phishing and pharming. Security suites that can be used to prevent or detect phishing and pharming attacks include AdAware, Windows Defender, and Spybot Search and Destroy. After installing these security suites on the computer, the user needs to make sure that the detection definitions of the security suite are up to date, so that it can provide the maximum protection for the computer.
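Section 5.0.6 says the browser warning appears when the server's SSL certificate does not match the website's URL, and section 3.1.4 notes that HTTP sites get no such check at all. The following Python sketch is an added example, not part of the original report, showing the name comparison behind that warning; the function names, the bank.example hostnames and the certificate name lists are assumptions constructed for illustration, and the matching rules are simplified (no internationalized names, no IP address entries).

```python
from urllib.parse import urlsplit


def dns_name_matches(pattern, hostname):
    """Compare one certificate DNS name with the requested hostname.

    Rules applied: case-insensitive comparison; '*' is accepted only as
    the whole leftmost label and stands for exactly one label; a wildcard
    must be followed by at least two fixed labels (so '*.com' is refused).
    """
    p = pattern.lower().rstrip(".").split(".")
    h = hostname.lower().rstrip(".").split(".")
    if len(p) != len(h) or "" in h:
        return False
    if p[0] == "*":
        return len(p) >= 3 and "*" not in "".join(p[1:]) and p[1:] == h[1:]
    if "*" in pattern:
        return False  # partial or non-leftmost wildcards are refused
    return p == h


def check_site_identity(url, cert_dns_names):
    """Classify what the user is protected by when loading `url`.

    'no-tls'        : plain HTTP, the server never proves its identity
    'name-mismatch' : HTTPS, but the certificate is for some other name
    'ok'            : HTTPS and the certificate covers the hostname
    """
    parts = urlsplit(url)
    if parts.scheme != "https":
        return "no-tls"
    host = parts.hostname or ""
    if any(dns_name_matches(name, host) for name in cert_dns_names):
        return "ok"
    return "name-mismatch"


# Constructed scenario: DNS for www.bank.example has been redirected to a
# server that can only present a certificate issued for its own names.
GENUINE_CERT_NAMES = ["bank.example", "www.bank.example"]
ROGUE_CERT_NAMES = ["hosting.example", "*.hosting.example"]

if __name__ == "__main__":
    url = "https://www.bank.example/login"
    print("genuine server:", check_site_identity(url, GENUINE_CERT_NAMES))
    print("redirected    :", check_site_identity(url, ROGUE_CERT_NAMES))
    print("plain http    :", check_site_identity(
        "http://www.bank.example/login", ROGUE_CERT_NAMES))
```

The address bar shows the same hostname in all three cases, which is why the certificate comparison, and not the visible address, is what separates the genuine server from the redirected one.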
5.0.8 Web Browser Phishing and Pharming Preventing Tools

Some additional tools are also available for web browsers to prevent phishing and pharming attacks. These include Google Safe Browsing, Netcraft toolbar, Microsoft Phishing Filter for MSN toolbar, Cloudmark Anti_fraud toolbar and PhishingGuard.

5.0.9 Report Phishing and Pharming Attack

Users are also responsible for reporting to the related company or agencies when they are attacked by phishing and pharming. They should report the character the attacker acted as in order to lure users into providing their sensitive personal information, or report it to law enforcement agencies through the internet or by telephone. These actions help to stop phishing and pharming attacks.

5.0.10 Anti Phishing Act By Government

The work of preventing phishing and pharming is not only the responsibility of web developers and users; government is also responsible for fighting phishing and pharming. In the United States, an act called the Anti Phishing Act of 2005 was introduced to fight phishing attacks. This act was introduced by Sen. Patrick Leahy in the Senate of the United States. It introduced two new crimes into the United States code: it prohibits the creation or procurement of a website, and prohibits the creation or procurement of an email, that pretends to be from a legitimate business and tries to solicit the targeted victims' sensitive personal information. Phishers will be charged under these laws whether or not they succeed in gathering sensitive information through the phishing attack; they could spend up to 5 years in prison, or they may also have to pay a $250,000 fine.
6.0 Does The Laws Stop The Attacks

6.0.1 Case 1: Jailed for Identity Theft

Twenty eight people in seven countries, including the United States, were arrested for trafficking stolen bank and credit card numbers and personal information over the internet. Those twenty eight people were members of Shadowcrew.com. The operations of these members came into the sight of US Secret Service agents two years after they had set up the identity theft ring. The operation of the US Secret Service agents was helped by a former gang member turned informant in autumn 2004. The goal of the operation was to target the top tier of people operating Shadowcrew.com. After a year-long investigation, twenty eight people were arrested, some of whom were still trading when police arrived. One of those arrested, Wellman, 35, from Liverpool, was sentenced to six years for his part in the conspiracy. Another three people, Smith, 22, from Camberley, Surrey, Murphy, 24, from Northwich, Cheshire, and Kotwal, 25, from Bolton, were jailed for nine months.

6.0.2 Case 2: Jailed for Running Bogus MSN Billing Website

Jayson Harris, 23, was sentenced to 21 months for running a bogus MSN billing website between January 2003 and June 2004. A spam email with a link included was sent to recipients to encourage them to visit the site, telling MSN customers that they would get a 50% discount on the next month's service by updating their account information and credit card number at the site. Harris was then tracked by Microsoft and involved in the FBI's investigation into the fraud.

6.0.3 Case 3: Jailed for Six Years for Defrauding Up to 1.6m

Peter Francis Macrae, 23, from St Neots, Cambridgeshire, was arrested after threatening Nominet UK, the registry that controls the dot-uk domain.
Because Nominet had warned businesses not to fall for the bogus invoice, Francis Macrae launched a botnet attack, which consisted of 200,000 zombie computers, on the organization's system. He was jailed for six years for defrauding up to 1.6m. He tricked thousands of businesses into registering a dot-eu domain name by sending fraudulent email to the companies. The email said that the companies needed to pay a renewal fee to avoid losing their existing domain name.

6.0.3 Laws Did Stop The Attacks

Studying the three cases shows that the laws of the Anti Phishing Act did successfully punish the attackers who performed phishing attacks, with jail terms of at least nine (9) months and at most six (6) years. None of those in the cases studied was punished by a cash fine.

7.0 Conclusion

Phishing is the use of social engineering, through online imitation of brands, to send spoof email containing a hyperlink to a fraudulent website in order to solicit users' sensitive personal information such as credit card numbers, PINs, mother's maiden name and so on. Phishing can also be done by installing a keylogger on the user's computer. Pharming uses technical subterfuge such as DNS hijacking, DNS cache poisoning, domain hijacking, and malconfiguration of a router's settings or firmware to redirect users to a fraudulent website. Pharming may also be performed by sending the targeted victims an email containing viruses or a Trojan horse that install a small application which redirects the user to a fraudulent website. Both phishing and pharming have a number of impacts.
Those impacts include financial loss, loss of time and wages, the undermining of user confidence in secured online transactions or communication, a hard hit to small organizations, and making law investigation harder. Web developers should apply SSL certificates, switch off recursive queries and install the DNS security extension, because these can protect the DNS or website from phishing and pharming attacks. Visual cues can also be used so that users can easily differentiate between the authentic website and the fraudulent website. Token based authentication is also one of the techniques that can be applied to protect the website or DNS server from phishing and pharming attacks.

Users are also responsible for protecting themselves from phishing and pharming attacks by not opening email or downloading attachments from unknown senders, or email that requires the user to respond by clicking on the hyperlink contained in the email. Users should also double-check the URL in the address bar when a warning message appears, such as one saying that the SSL certificate does not match the site's. Users can also install a security suite or firewall on the computer to protect themselves from phishing and pharming. Users can also look for the lock or key icon at the bottom of the browser, which shows that the site where they want to enter their sensitive personal information is locked. Users can also report phishing and pharming attacks to the related agencies or company through the internet or by telephone, to assist the work of minimizing the attacks. In addition, laws are also being introduced against phishers and pharmers.
8.0 Reflection

Looking back on the report, I tried to find out what needed to be done to improve the report and how to make it better. After the research, much knowledge was gained on phishing and pharming attacks, such as how phishing and pharming attacks are carried out and the impacts caused by them. Last but not least, knowledge of how to prevent being attacked by phishing and pharming was also gained. Truth be told, the research is quite large and detailed. This part takes a lot of time. Doing complete research on phishing and pharming is not impossible, but it will take time. At this moment, the research is only meant to be enough to complete the report. After finishing the report and presentation, free time might be spent doing more research on it. As said just now, the knowledge earned might be useful in future, because knowledge is power. As for the research that has been done, an adequate amount of time was spent on it, and adequate methods and approaches were used to get the information. The method and approach used was research on the internet, because it is free, offers up-to-date information and has many available sources for the topic.

Appendix
Phishing email example

Below is a screen capture of an email I received that claimed to be from eBay. The link led to a replica of the eBay login page that was used to trick users into entering personal information. The page used the createPopup vulnerability to mask its identity so that the address appeared legitimate.

Sample Phishing Spam eBay

A particularly dangerous kind of spam, commonly known as phishing, attempts to trick recipients into disclosing sensitive personal information, such as login names, passwords or credit card information. It works by requesting users to click on a link to log in to their account to update certain information. Visitors are instead directed to counterfeit websites which are exact duplicates of the actual website. Any information entered into the counterfeit website is then captured and stolen for identity theft.
Favorite targets are eBay, PayPal and other well-known financial institutions.

In the interest of originality, the body of the message is left unaltered as much as possible. But for security reasons, and to protect the reputation of our own website from being seen as linking to bogus websites, the links in the spam message have been disabled. Placing your mouse over them will show the original URL it intended to link to, but clicking on them will bring you to spamhaus.org, a non-profit organization for combating spam.

From: [email protected] [email protected]
To: [email protected]
Date: Tue, 29 Aug 2006 10:56:20 -0700
Subject: [TKO] : your (eBay) account could be suspended

Points to note:

- Forged from email [email protected]
- The spam originated from New York, USA.
- The counterfeit website it was pointing to is https://www.vbsf.dk/signin.ebay.com. Notice the misleading URL name. The website was formerly registered to a Dutch registrant, but it had expired and was snapped up by the spammer. By the time we investigated the website, it had already been shut down, probably as a result of complaints from the public.
- This message made it past our Yahoo spam filter. It uses HTML email and pulls the images directly from eBay's server. This could explain why it slipped past Yahoo's filter.
- In the body of the message itself, none of the purported links to eBay works.
VISA Notice from VISA

Summary

Email title: Update or verify your account informations
Scam target: VISA credit card owners
Email format: HTML email
Sender: Visa Service Department [email protected]
Sender spoofed? Yes
Phish punch line: "To ensure your Visa card's security, it is important that you protect your Visa card online with a personal password. Please take a moment, and activate for Verified by Visa now"
Scam goal: Getting the victim's VISA credit card number, expiration date, verification number and PIN.
Phish link method: a "Click here" type link
Visible link: "Activate Now for Verified by Visa" link in the bottom of the email
Link masked? Yes
Actual link to: https://usa.visa.com/track/dyredir.jsp?rDirl=https://200.251.251.10/.verified/
Phish website IP: 200.251.251.10

E-mail

This phish combines some very dangerous tricks, perfect execution and a flaw in VISA's legitimate site to create the most dangerous phish scam yet. The email message it is being spread with looks perfect: it is much more convincing than the usual phish stuff. The sender is spoofed, and the link is masked. But there is more: if the link is examined, it turns out that it leads to the following URL: https://usa.visa.com/track/dyredir.jsp?rDirl=https://200.251.251.10/.verified/. And this is a URL that is really on the visa.com site! It turns out that the phishers have used a redirect page on the visa.com site to redirect to the phish server.

Web Site

The site itself uses a visually perfect address bar spoof, in addition to being very convincing design-wise. The real URL is visible in the properties page. The only other visible phishing clue is the missing padlock icon in the right part of the status bar, which is inconsistent with the https in the forged address bar. Notice the lack of a login screen, too. And to make things even more convincing, the site checks the credit card number using a commonly available algorithm. This does not require or reveal any information about the bank account behind the CC, but it would reject a random bogus number, which could make the potential victim trust the site. After the data is phished, the site will just redirect to the legitimate usa.visa.com, as if nothing has happened.

WHOIS information (for IP 200.251.251.10):

inetnum: 200.251.251.0/26
registrar: registo.br, Brazil
aut-num: AS4230
abuse-c: GSE6
owner: Fundao LHermitage
ownerid: 001.444.385/0001-49
responsible: Marcelo Machado Gomes
address: Rua Doutor Camilo, 187,
address: 30240-090 Belo Horizonte MG
phone: (31) 32891888
owner-c: MMG27
tech-c: MMG27
created: 20020828
changed: 20020828
inetnum-up: 200.251/16

Phishing Web Site Methods
The fraudulent web site that supports the phishing email is designed to mirror the legitimate web site it is purporting to be. The fraudsters use multiple methods to do this, including using genuine-looking images and text, disguising the URL in the address bar or removing the address bar altogether. The purpose of the web site is to trick consumers into thinking they are at the company's genuine web site, and into giving their personal information to the trusted company they think they are dealing with.

1. Genuine Looking Content
Phishing web sites utilize copied images and text, and in some cases simply mirror the legitimate web site. This will contain the normal links on the web site such as contact us, privacy, products, services etc. The user recognizes the website content from the genuine site and is unaware of not being on the genuine web site.

2. Similar looking URL to Genuine URL
Some phishing web sites have registered a domain name similar to that of the organization they are appearing to be from. For example, one phishing scam we received targeting Barclays Bank used the domain name https://www.barclayze.co.uk. Other examples include using a sub-domain such as https://www.barclays.validation.co.uk, where the actual domain is validation.co.uk, which is not related to Barclays Bank.

3. Form Collection of Information
The most common method used to collect information in phishing scams is the use of forms on the fake web site. The form is normally displayed in the same format as that used on the genuine web site. This may be an Internet Banking log-in, or a more detailed form for verification of personal details, with many fields for personally sensitive information.

4. Incorrect URL, not disguised
Some phishing scam web sites do not even attempt to deceive users with their URL, and hope that the user does not notice. Some simply use IP addresses displayed as numbers in the user's address bar.

5. URL Spoofing of Address Bar (Fake)
This form of URL spoofing involves the removal of the address bar combined with the use of scripts to build a fake address bar using images and text. The link in the phishing email opens a new browser window, which closes and re-opens without the address bar, and in some cases the status bar. The new window uses HTML, HTA and JavaScript commands to construct a false address bar in place of the original. (See figure 1 below) As this method utilizes scripts, it is only possible to stop this form of deception by disabling ActiveX and JavaScript in browser settings. As most web pages utilize these normal tools, this is impractical.

6. Hovering Text Box over Address Bar
This form of URL spoofing involves the placement of a text object with a white background over the URL in the address bar. The text object contains the fake URL, which covers the genuine URL. As this method utilizes scripts, it is only possible to stop this form of deception by disabling ActiveX and JavaScript in browser settings. As most web pages utilize these normal tools, this is impractical.

7. Pop Up Windows
This form of deception involves the use of script to open a genuine webpage in the background while a bare pop-up window (without address bar, tool bars, status bar and scrollbars) is opened in the foreground to display the fake webpage, in an attempt to mislead the user into thinking it is directly associated with the genuine page. (See figure 6 below) As this method utilizes scripts, it is only possible to stop this form of deception by disabling ActiveX and JavaScript in browser settings. As most web pages utilize these normal tools, this is impractical.

8. Trojans / Spyware
Trojan and worm viruses are sent to the user as an email attachment, purporting to be for some type of purpose, such as greetings, important files or other types of SPAM email. The attachment is a program that exploits vulnerabilities in Internet browsing software to force a download from another computer on the Internet. This file downloads other files and code, which eventually install a fully functional Trojan virus. The Trojan is designed to harvest, or search for, personal banking information and passwords, which many people keep on their computer. This information is then sent to a remote computer on the Internet.

Other worms have been known to hijack the user's hosts file, which causes an automatic redirection to a fake phishing web site when the user types a specific URL (normally for a specific financial institution) into the address bar of their Internet browser.

Spyware, such as keyboard loggers, captures information entered at legitimate web sites, such as Internet banking sites. This type of spyware can be planted on a user's computer using a previous worm or Trojan infection. Any information the spyware captures is sent to a predetermined computer on the Internet. A recent phishing scam used the link in the email to direct the user's browser to a site to first download keyboard logging spyware before redirecting the user to the genuine Internet banking web site. This spyware captured the login information entered, and sent this information to the fraudsters via a remote computer on the Internet.
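The URL tricks described in the appendix (the brand name placed in the path of vbsf.dk, the visa.com redirect page that forwards to a bare IP address, and the look-alike and sub-domain names under "Similar looking URL to Genuine URL") can be flagged mechanically when triaging links in reported email. The following Python link check is an added example, not part of the original report; the trusted-domain list (including barclays.co.uk as the genuine Barclays domain), the one-entry suffix list standing in for the Public Suffix List, and the 0.8 similarity threshold are assumptions.

```python
import ipaddress
from difflib import SequenceMatcher
from urllib.parse import parse_qsl, urlsplit

# Assumption: the genuine domains of the brands named on this page.
TRUSTED = {"ebay.com", "visa.com", "barclays.co.uk"}
# Assumption: a one-entry stand-in for the Public Suffix List.
TWO_LABEL_SUFFIXES = {"co.uk"}


def is_ip_literal(host):
    """True when the host part is a bare IP address rather than a name."""
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def registrable_domain(host):
    """Domain that had to be registered: validation.co.uk for a.b.validation.co.uk."""
    if is_ip_literal(host):
        return host
    labels = host.split(".")
    keep = 3 if ".".join(labels[-2:]) in TWO_LABEL_SUFFIXES else 2
    return ".".join(labels[-keep:])


def analyze_link(url, trusted=TRUSTED):
    """Return sorted findings for one link; an empty list means nothing was flagged."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    if not host:
        return []
    findings = set()
    reg = registrable_domain(host)

    if is_ip_literal(host):
        findings.add("ip-literal-host")            # method 4: numeric address
    elif reg not in trusted:
        sub_labels = host[: -len(reg)].strip(".").split(".")
        for good in trusted:
            brand = good.split(".")[0]
            if brand in sub_labels:                # barclays.validation.co.uk
                findings.add("brand-in-subdomain")
            similarity = SequenceMatcher(None, reg.split(".")[0], brand).ratio()
            if similarity >= 0.8:                  # barclayze vs barclays
                findings.add("lookalike-domain")
    if reg not in trusted and any(good in parts.path.lower() for good in trusted):
        findings.add("brand-in-path")              # vbsf.dk/signin.ebay.com

    # A trusted host can still hand the visitor to another site through a
    # redirect parameter, as the visa.com link in the VISA notice did.
    for _name, value in parse_qsl(parts.query):
        target = urlsplit(value)
        if target.scheme in ("http", "https") and target.hostname:
            if registrable_domain(target.hostname.lower()) != reg:
                findings.add("redirects-to-other-site")
                findings.update("target:" + f for f in analyze_link(value, trusted))
    return sorted(findings)


# URLs quoted on this page, plus one constructed genuine-looking control.
SAMPLES = [
    "https://usa.visa.com/track/dyredir.jsp?rDirl=https://200.251.251.10/.verified/",
    "https://www.vbsf.dk/signin.ebay.com",
    "https://www.barclayze.co.uk",
    "https://www.barclays.validation.co.uk",
    "https://signin.ebay.com/",  # constructed control
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample, "->", analyze_link(sample) or "no findings")
```

The visa.com link passes every host-based check because its host really is on visa.com; only the inspection of the redirect parameter exposes the destination.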