Phishing on Mobile Devices
نویسندگان
چکیده
We assess the risk of phishing on mobile platforms. Mobile operating systems and browsers lack secure application identity indicators, so the user cannot always identify whether a link has taken her to the expected application. We conduct a systematic analysis of ways in which mobile applications and web sites link to each other. To evaluate the risk, we study 85 web sites and 100 mobile applications and discover that web sites and applications regularly ask users to type their passwords into contexts that are vulnerable to spoofing. Our implementation of sample phishing attacks on the Android and iOS platforms demonstrates that attackers can spoof legitimate applications with high accuracy, suggesting that the risk of phishing attacks on mobile platforms is greater than has previously been appreciated.
منابع مشابه
Phishing Techniques in Mobile Devices
The rapid evolution in mobile devices and communication technology has increased the number of mobile device users dramatically. The mobile device has replaced many other devices and is used to perform many tasks ranging from establishing a phone call to performing critical and sensitive tasks like money payments. Since the mobile device is accompanying a person most of his time, it is highly p...
متن کاملiPhish: Phishing Vulnerabilities on Consumer Electronics
As consumer electronic devices with embedded browsers become popular, financial institutions and online merchants set up websites to accommodate visitors using these devices. These devices range from cell phones to gaming consoles, cars, and even refrigerators. Porting a traditional desktop1 browser to a mobile device is more involved than resizing the display. To adapt to the hardware limitati...
متن کاملThe Novel Features for Phishing Based on User Device Detection
Recent years the rapid developments of technology, Internet services are gradually depending on the environment to be able to provide different services. Due to the rise of mobile devices, in order to provide the most appropriate service to the users, in addition to desktop websites, the most popular sites are beginning to build a websites for mobile devices exclusive service users at the same ...
متن کاملThe Mobile Browser as a Web-Based Platform for Identity
Mobile devices have long been considered useful in bootstrapping authentication via other channels, including the web. As mobile devices begin to include complete web browsers, there is an opportunity to standardize a simple, web-based mobile authentication technique, both for devices themselves and for desktop access using the mobile device as a secondary channel. The path to better authentica...
متن کاملA Two-factor Authentication Mechanism Using Mobile Phones
Mobile devices are becoming more pervasive and more advanced with respect to their processing power and memory size. Relying on the personalized and trusted nature of such devices, security features can be deployed on them in order to uniquely identify a user to a service provider. In this paper, we present a strong authentication mechanism that exploits the use of mobile devices to provide a t...
متن کامل