منابع مشابه
Clickjacking: Attacks and Defenses
Clickjacking attacks are an emerging threat on the web. In this paper, we design new clickjacking attack variants using existing techniques and demonstrate that existing clickjacking defenses are insufficient. Our attacks show that clickjacking can cause severe damages, including compromising a user’s private webcam, email or other private data, and web surfing anonymity. We observe the root ca...
متن کاملModeling and Preventing Phishing Attacks
We introduce tools to model and describe phishing attacks, allowing a visualization and quantification of the threat on a given complex system of web services. We use our new model to describe some new phishing attacks, some of which belong to a new class of abuse introduced herein: the context aware phishing attacks. We describe ways of using the model we introduce to quantify the risks of an ...
متن کاملDistributed Phishing Attacks
We identify and describe a new type of phishing attack that circumvents what is probably today’s most efficient defense mechanism in the war against phishing, namely the shutting down of sites run by the phisher. This attack is carried out using what we call a distributed phishing attack (DPA). The attack works by a per-victim personalization of the location of sites collecting credentials and ...
متن کاملAn interdiscplinary study of phishing and spear-phishing attacks
In a world where spear-phishing is one of the most common attacks used to steal confidential data, it is necessary to instruct technical and non-technical users about new mechanisms attackers can use to generate these attacks. We want to focus on phishing attacks, where a social engineer communicates a deceitful message to their victims in order to obtain some confidential information, because ...
متن کاملA Phishing Model and Its Applications to Evaluating Phishing Attacks
Phishing is a growing threat to Internet users and causes billions of dollars in damage every year. In this paper, we present a theoretical yet practical model to study this threat in a formal manner. While it is folklore knowledge that a successful phishing attack entails creating messages that are indistinguishable from the natural, expected messages by the intended victim, this concept has n...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: International Journal of Security and Its Applications
سال: 2016
ISSN: 1738-9976,1738-9976
DOI: 10.14257/ijsia.2016.10.1.23