
The Internet has become a major tool for reaching other people. Web users are highly
interactive and aggressive in sharing information, whether it does good or harm to other
individuals. Thus this tool is the most powerful means of lessening the timidity of a single person. Yet the
same tool has become a medium by which people with private interests abduct the personal records that
may be useful in their underground operations.

Such a person aims both to steal confidential information and to gain access to and
control over sensitive systems, whether for political or financial reasons. From this desire,
and thanks to the evolving world of connectivity that is the Internet, attackers have been able to create
the destructive instruments that we call Phishing and Pharming.

What is the difference between Phishing and Pharming?


Personally, when I heard these terms from our Professor I thought they were spelled "Fishing" and
"Farming", maybe because at that time, and even up to now, famous Facebook applications use
these terms (e.g. Farm Town and FarmVille). Only when I read the files our Professor uploaded to our
e-group did I realize that it's Phishing and Pharming, not "Fishing and Farming".

Phishing

As I did my research, I found that my understanding of Phishing was relatively correct.
Why? Because in reality phishing is related to fishing, in that it is used to 'fish' for information.
Specifically, phishing is a term used to describe phony e-mail messages, often purportedly from financial
institutions, which ask for personal information such as account or Social Security numbers (David Bank,
2005, 6).

Phishing is the act of sending an e-mail that falsely claims to be from a bank or E-commerce
enterprise. That e-mail directs you to a cloned website where you are asked to fill in or
update your personal information. Obviously, the sender (the attacker) wants you to surrender
private information that will be used for identity theft, such as credit card numbers, passwords, usernames
and anything else that can help them access your assets.

Pharming

Pharming is similar to Phishing in its illicit result, but the two differ in the way that result is
attained. Pharming is the hijacking of an official website's address, usually by hacking a
Domain Name System server and altering the legitimate website's IP address, so that users who enter
the correct Web address are redirected to another web page created by the pharmers. The
attack succeeds by implanting weaknesses in the core technologies and operations
that support the Web, which is why it is called pharming: the attackers farm/plant something within it.

Effects on E-commerce

Phishing and pharming are funded and supervised by high-level syndicates as a primary means
of targeting business firms. Phishing attacks are continually evolving: the attackers customize them and add
new weapons to their armory. Thus organizations should treat them seriously, not as a low-level
crime.

The succession of attacks on business firms leaves a big hole in the E-commerce industry. According to
the record of the computer historian, the area most affected by Phishing and Pharming attacks
is E-commerce operating in European countries, especially the United Kingdom.

In a recent global survey on the damage done by attackers, more than half of the
respondents said they had been subject to covert infiltration of their network by a high-level adversary.
Although these business organizations do not reveal the exact extent of the damage they
suffered, there is still evidence showing that they were targeted by attackers.

These effects show that attackers increasingly use these methods to install
back doors into the organizations they want to interfere with. These allow the attacker to enter the
network at will: a politically motivated attacker could use this to disrupt the business of an
organization, while a financially motivated attacker might threaten to do so unless paid not to.

Attackers
A range of possible aggressors use pharming and phishing methods to achieve their goals.
These include:

• Unprincipled competitors – particularly in nations with weaker commitments to the rules
and laws that govern the operation of businesses online. Unscrupulous competitors will
seek to steal protected intellectual property or commercial information that could reduce the
organization's competitive advantage.

• Organized criminals – who use phishing and pharming either for the direct theft of valuable
personal information, or as part of a broader criminal enterprise whose objectives may include
felony and blackmail alongside the theft and resale of valuable information.

Organized criminals sometimes sell phishing and pharming toolkits to less sophisticated
criminals. These toolkits are developed and maintained by sophisticated networks of experts
with business models similar to those of legitimate software brands.

• A number of countries that actively seek UK information and material to advance their
own military, technological, political and economic interests, as the UK is a high-priority
espionage target.

• "Hacktivists", who represent a serious threat. These are politically motivated activists who
seek to embarrass and disrupt the operations of organizations or nation states to which they
are opposed. Politically motivated attackers usually target large multinational organizations
or government departments.

(CPNI - A GUIDE TO UNDERSTANDING AND MANAGING THE RISKS July 2010)


Phishing and pharming attacks should not be seen as isolated incidents but as part of a
complex threat from well-versed attackers who will try anything they can and apply various means
to achieve their malicious objectives.

Identity theft statistics

When the perpetrator was caught, the perpetrator was:
• 32% a relative
• 18% a friend
• 4% a fellow worker
• 13% a worker who had access to personal data
• 33% other
Source: BBB survey, published 1/30/05

Different modes of attack

Phishing
So far, there are two kinds of attack that a phisher uses: mass phishing and spear phishing.

Mass Phishing
Mass phishing became so widespread that it received a large amount of media attention and coverage
over the last decade. This method is ordinary phishing as defined above: it sends a
misleading e-mail to a victim or a company and normally convinces them to click the embedded link at the
bottom of the message, which, without their knowing, redirects them to a fake website.

However, more recent versions of this attack do not persuade you to reveal your information but
rather convince you to perform some action before reaching, or on, the cloned site. This could be visiting a
website that automatically downloads malicious software onto the user's machine, or opening
an e-mail attachment that contains malware. From this, the company could face severe consequences
that may result in the loss of data.

The procedure of this attack was very simplistic: messages were produced quickly from one
fallen victim and reproduced to as many people as possible. As crude examples were detected,
companies became aware of the method, and this lessened the profit of the criminal
organizations.

Spear Phishing
Because mass phishing became ineffective and people's awareness rose, spear
phishing was developed. This method runs alongside the advancement of technology: its
approach may combine other technologies, not just the computer alone. Attackers
spend much more time, effort and money to obtain a fruitful result and greater success.

Spear phishing is highly targeted against a small group of individuals. It uses prior knowledge of
the target to construct an efficient technique that is far more likely to elicit the intended
response.

Modes of Communication (Phishing)
Both mass phishing and spear phishing use e-mail, websites, SMS and even voice calls as
their instruments for conveying their objectives. Since e-mail is simply the easiest way to deceive an
individual, we proceed to the remaining modes of communication that attackers may use.

Websites
There are various ways in which a user is redirected to a malicious website. It could be through e-mail
containing links; through blogs and forums, whose popularity attackers exploit by placing links
that still lead you to their final target; and, of course, through a copy of the entire appearance of a
legitimate website that asks for your personal credentials and security information.
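The redirection tricks just described (a link whose visible text names the real site while the href goes elsewhere, a cloned site on a lookalike host, a plain-http or bare-IP target) are what a mail filter looks for. The following is an added example, not code from the original essay or from any cited source; the brand list and the sample message are constructed, and the registered-domain logic is a deliberate simplification that is enough for the sample.

```python
"""Added example (not part of the original essay): flag suspicious links in an
HTML e-mail, the defender's side of the redirection tricks described above.

Checks: the visible link text names one site but the href goes elsewhere; the
target host is a bare IP address; the link uses plain http; the host merely
contains a known brand name (a lookalike). The brand list and the sample
message are constructed for this example.
"""
from html.parser import HTMLParser
from urllib.parse import urlparse
import ipaddress
import re

# Constructed: domains the organisation legitimately links to.
KNOWN_BRANDS = ("examplebank.com", "examplepay.com")


class _LinkCollector(HTMLParser):
    """Collects (href, visible text) pairs from every <a> element."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href", "")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def host_of(url):
    """Lower-case hostname of a URL, or None when the string has no host."""
    host = (urlparse(url.strip()).hostname or "").lower()
    return host or None


def registered_domain(host):
    """Crude eTLD+1 (last two labels); enough for the constructed sample."""
    labels = host.split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host


def is_ip_literal(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def lookalike_of(host):
    """Return the brand a host imitates: it is not that brand but contains its name."""
    if host in KNOWN_BRANDS or registered_domain(host) in KNOWN_BRANDS:
        return None
    for brand in KNOWN_BRANDS:
        if brand.split(".")[0] in host:
            return brand
    return None


def analyse_links(html):
    """Return [(href, [reasons])] for every link that trips at least one check."""
    collector = _LinkCollector()
    collector.feed(html)
    findings = []
    for href, text in collector.links:
        host = host_of(href)
        if host is None:
            continue  # mailto:, relative links etc. are out of scope here
        reasons = []
        if urlparse(href).scheme == "http":
            reasons.append("plain http")
        if is_ip_literal(host):
            reasons.append("ip literal host")
        # The visible text may be a full URL or a bare domain name.
        text_host = host_of(text)
        if text_host is None and re.fullmatch(r"[\w.-]+\.\w+", text):
            text_host = host_of("http://" + text)
        if text_host and registered_domain(text_host) != registered_domain(host):
            reasons.append(f"text shows {text_host} but href goes to {host}")
        brand = lookalike_of(host)
        if brand:
            reasons.append(f"lookalike of {brand}")
        if reasons:
            findings.append((href, reasons))
    return findings


# Constructed sample: a cloned-bank message with three deceptive links and one honest one.
SAMPLE_EMAIL = """
<p>Dear customer, please verify your account:</p>
<a href="http://examplebank.com.account-verify.net/login">https://examplebank.com/login</a><br>
<a href="http://192.0.2.10/secure">Secure login</a><br>
<a href="https://examplebank-update.com/">examplebank-update.com</a><br>
<a href="https://examplebank.com/help">Help centre</a>
"""

if __name__ == "__main__":
    for href, reasons in analyse_links(SAMPLE_EMAIL):
        print(href, "->", "; ".join(reasons))
```

Run as a script it lists the three deceptive links with their reasons and stays silent on the honest help-centre link. In a real filter the two-label registered-domain rule would be replaced by a public-suffix list, and the lookalike check by a proper string-distance comparison; the structure of the checks stays the same.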

Mobile Technology (SMS and Voice Call)

As the mobile Internet has become widely and commonly used, attackers have shifted their
focus to how to deceive an individual there. There are text messages that catch your
attention and still guide you to another website. Voice calling is an old way of communicating from before
text messaging was developed, but attackers have found new ways of using it.
A mobile application can also be the means of delivering malicious software once the user
downloads and installs it on his/her phone.

Pharming
Whereas Phishing is an electronic form of deception that targets people, Pharming is inherently a
technical attack. It focuses on the infrastructure of a technology: typically IP routing and the
Domain Name System.

Both IP and the Domain Name System are at the heart of the operations that take place over
these technological capabilities, and attackers exploit them using a vast range of advances,
possibly including wireless devices and even fiber-optic transmission systems.

Successful attacks on DNS or IP routing allow the attacker to manipulate to their advantage the
way in which the Internet itself operates. Usually the effect is to present Internet users with a malicious
website when they try to visit a legitimate one.
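The symptom of the DNS attack described above is that the correct name now resolves to an address the organisation does not own, so a defender compares resolver answers against known-good records. The following is an added example, not code from the original essay or from CPNI; all records and resolver answers in it are constructed with the documentation address ranges, and the hosts-file check goes beyond the DNS-server case named in the text by catching the same redirection when it is planted on the client machine instead.

```python
"""Added example (not part of the original essay): detect name resolution that
disagrees with an organisation's known-good records, the symptom of the
pharming described above, where a resolver's answer for the correct name is
altered to point at the attacker's server.

All records and resolver answers below are constructed sample data using the
documentation address ranges; in practice the answers would come from live
queries to the local resolver and to an independent one. The hosts-file check
goes beyond the DNS-server case in the text: it catches the same redirection
when planted on the client machine instead.
"""
import ipaddress

# Constructed known-good A records for the organisation's own hosts.
EXPECTED = {
    "www.examplebank.com": {"192.0.2.10", "192.0.2.11"},
    "login.examplebank.com": {"192.0.2.20"},
    "api.examplebank.com": {"192.0.2.30"},
}

# Constructed answers from two resolvers for the same names.
LOCAL_RESOLVER = {
    "www.examplebank.com": {"192.0.2.10"},
    "login.examplebank.com": {"198.51.100.77"},  # altered record
    "api.examplebank.com": {"192.0.2.30"},
}
INDEPENDENT_RESOLVER = {
    "www.examplebank.com": {"192.0.2.11"},
    "login.examplebank.com": {"192.0.2.20"},
    "api.examplebank.com": {"192.0.2.30"},
}

# Constructed hosts file with an override planted on the client.
HOSTS_FILE = """
127.0.0.1   localhost
203.0.113.5 www.examplebank.com   # override that bypasses DNS entirely
"""


def parse_hosts_file(text):
    """Parse hosts-file lines into {name: {ip}}; entries here take precedence over DNS."""
    entries = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        ip, *names = line.split()
        try:
            ipaddress.ip_address(ip)
        except ValueError:
            continue  # malformed line, ignore
        for name in names:
            entries.setdefault(name.lower(), set()).add(ip)
    return entries


def check_resolution(expected, answers_by_source):
    """Return [(name, source, [bad_ips])] for every answer outside the known-good set.

    An address outside the expected set, from any source, means the name no
    longer resolves to the organisation's own server for clients using that source.
    """
    findings = []
    for name, good in expected.items():
        for source, answers in answers_by_source.items():
            got = answers.get(name)
            if not got:
                continue  # source has no answer for this name
            bad = got - good
            if bad:
                findings.append((name, source, sorted(bad)))
    return findings


def run_sample():
    """Run the check over the constructed data and return its findings."""
    sources = {
        "local resolver": LOCAL_RESOLVER,
        "independent resolver": INDEPENDENT_RESOLVER,
        "hosts file": parse_hosts_file(HOSTS_FILE),
    }
    return check_resolution(EXPECTED, sources)


if __name__ == "__main__":
    for name, source, bad in run_sample():
        print(f"{name}: {source} answered {', '.join(bad)} (not in known-good set)")
```

Run as a script it reports the altered login record served by the local resolver and the www override in the hosts file, while the independent resolver's answers pass. Comparing more than one source is the point: an attacker who controls only the local resolver cannot make the independent one agree, so the disagreement itself is the detection signal.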
Countermeasures
The countermeasures that a person or a company can use fall into three
classes: Technical Countermeasures, Cultural Countermeasures and Mitigation Countermeasures
(CPNI, July 2010).

Technical Countermeasures:
• Blocking malicious web traffic
• Filtering spam e-mails
• Detecting and deleting malicious software
• Blocking sensitive outbound information
• Patching infrastructure
• Hardening infrastructure
• Using TLS and SSL
• Signing of digital communications

Cultural Countermeasures:
• Security awareness
• Business processes
• Policy
• Customer expectations

Mitigation Countermeasures:
• Strong segregation
• Enhanced monitoring
• Detections
• Planning for remediation

Technical and cultural countermeasures aim at reducing the likelihood of a successful attack; mitigation
countermeasures rest on the recognition that successful attacks are inevitable.
(CPNI - PHISHING AND PHARMING: A GUIDE TO UNDERSTANDING AND MANAGING THE RISKS, July 2010)

E-commerce is safe as long as you initiate the connection. Ensure that you are using a secure
website before submitting personal information on the web: check the beginning of the Web address in
your browser's address bar (it should be 'https://' rather than just 'http://'), and make sure the yellow lock is
in place at the bottom of the web browser.

A simple yet effective way of preventing the attacks:

1. Keep your programs patched!
• Windows: Enable automatic updates
2. Use Microsoft AntiSpyware
3. Beware of accepting "free" software (e.g. games)
4. Use one anti-virus program (e.g. McAfee, Norton)
5. If it will make you feel better, use a firewall (e.g. ZoneAlarm, XP SP2 Firewall)
