Anti-Phishing medium of communication and contact with family and

Anti-Phishing approaches  

Al-Maha Mohammed Abu Zuraiq

We Will Write a Custom Essay Specifically
For You For Only $13.90/page!


order now

Princess
Sumaya University of Technology’s

King Hussein
School of Computing Sciences

Information Systems Security and Digital Criminology 

Abstract— The internet become a very important and take essential part in our
life. Also, it’s very important in Epayment transactions in buying and selling
goods and doing different banking transactions activities. And for all this
need of internet in our life, internet phishing has become one of the most
significant issues in cyber-security in cyberspace. We can define phishing as
the way of obtaining confidential information through fraudulent websites that
appear to be look like a legitimate website. it is a kind of as an identity
theft by posing a legitimate entity to trick and cheat user to uncover a
sensitive personal information.in this paper we will show multiple forms of
phishing, stages of phishing attacks, discuss the existing anti-phishing tools
and comparing each tool with platform and approach used.

 

I. INTRODUCTION
 

The internet become a very
important and take essential part in our life. In most activities in people
daily life they are using the Internet. It’s become an important medium of
communication and contact with family and friends by social media applications
and websites. Also, it’s very important in E-payment transactions in buying and
selling goods and doing different banking transactions activities.

And for all this need of internet
in our life, internet phishing has become one of the most significant issues in
cybersecurity in cyberspace. Internet phishing is using the web applications’
vulnerabilities, social engineering and technical ploy to steal user’s identity
and sensitive data like financial account information. Online users may be
tricked facilely into submitting their confidential information for like a
username, email and password to fake websites that has a high similarity in
style and format as the original one. 
user could submit his sensitive information for example his password,
credit card number, bank account and other private or sensitive information
that may cause a considerable loss to the users. This problem is one of the
most critical issues what make users suspect of the e-commerce environment at
all. According to published report by Anti-Phishing Work Group (APWG) which is
formed to keep track current and future phishers’ activities, there is a rapid
evolution of phishes activities and it is targeted many industries such as
online payment services, financial organizations, e-banks, retail and ISP
services, social networks and online governmental organizations. 2

 

 

We can define phishing as the way of obtaining confidential
information through fraudulent websites that appear to be look like a
legitimate website. it is a kind of
as an identity theft by posing a legitimate entity to trick and cheat user to
uncover a sensitive personal information. 

Moreover, there are two major types of phishing websites the
first one is concocted, and the other is spoof sites. Spoof sites are web sites
that exactly look like an existing legitimate website. Concocted websites trick
users by trying to appear as

unique, legitimate entities. 17

 

The internet has become a vital medium of communication and
ways of phishing become more and more intelligent, Phishing can be performed in
different ways for example:

•         
When any user receives an
email asking him for sensitive information to reply it to the sender email or
sent to another email, this case called email-to-email.

•         
email-to-website when an
email that received by someone contains an embedded web address that leads to a
Phishing website.

•         
when user clicking on an online
advert or through a search engine he will reached a Phishing website, it’s
called website-to-website.

•         
browser-to-website happens
when a user misspelled a

web address of a legitimate website on a
browser and then goes to a Phishing website that has a similar address. 

•         
pop-up windows that
encourage the user to enter them sensitive information. Finally, the URL masks
that

conjure up real website address. 18

 

 

 
Advanced forms of phishing:

SEO Tricking: The
SEO or search engine optimization are phishing sites that listed on the black
list and indexed by search engines and inactive wait for victims goes on.

XSS Attacks: the
XSS or cross-site-scripting is a technique used in the legal or legitimate
sites that insert hyperlinks phishing sites into them. Usually using in the
form of discussion forums in comments and replies.

Spy-phishing:
Malwares are used to collect sensitive information like user names or
passwords. Users can be 

x

Hi!
I'm Roxanne!

Would you like to get a custom essay? How about receiving a customized one?

Check it out