An Exploration of the Design Features of Phishing Attacks
نویسندگان
چکیده
Phishing is a growing phenomenon, which has not only caused billions in losses, but also has eroded consumer confidence in online transactions. To develop effective countermeasures, we need to understand how phishing e-mails exploit human vulnerabilities. We develop a framework to explore phishing from the perspective of victims. The framework helps understand different features that are utilized by phishers in designing e-mails and websites. We further explore the design patterns of phishing attacks. We collect 195 phishing records from the antiphishing work group website. Using content analysis and two-step cluster analysis, we examine those attacks for the presence of design features identified through our framework. We find that phishing attacks in different time periods present different characteristics, and the quality of phishing attacks have advanced consistently over time. Finally, on the basis of the location of the phishing hosts, we group the
منابع مشابه
طراحی سیستم خبره به منظور تشخیص حملههای فیشینگ در بانکداری الکترونیکی
In e-commerce and e-banking environments, one of the most risks or challenges which must be considered, is the risk of online fraud specially phishing attacks. In this study, we use some visual and technical identifies of a phishing web site as parameters to implement an expert system to diagnose this type of attack in electronic banking. In the proposed system, we use 27 different features as ...
متن کاملDetecting Fake Websites Using Swarm Intelligence Mechanism in Human Learning
The internet and its various services have made users to easily communicate with each other. Internet benefits including online business and e-commerce. E-commerce has boosted online sales and online auction types. Despite their many uses and benefits, the internet and their services have various challenges, such as information theft, which challenges the use of these services. Information thef...
متن کاملPhishing website detection using weighted feature line embedding
The aim of phishing is tracing the users' s private information without their permission by designing a new website which mimics the trusted website. The specialists of information technology do not agree on a unique definition for the discriminative features that characterizes the phishing websites. Therefore, the number of reliable training samples in phishing detection problems is limited. M...
متن کاملA Novel Architecture for Detecting Phishing Webpages using Cost-based Feature Selection
Phishing is one of the luring techniques used to exploit personal information. A phishing webpage detection system (PWDS) extracts features to determine whether it is a phishing webpage or not. Selecting appropriate features improves the performance of PWDS. Performance criteria are detection accuracy and system response time. The major time consumed by PWDS arises from feature extraction that ...
متن کاملFeature-based Malicious URL and Attack Type Detection Using Multi-class Classification
Nowadays, malicious URLs are the common threat to the businesses, social networks, net-banking etc. Existing approaches have focused on binary detection i.e. either the URL is malicious or benign. Very few literature is found which focused on the detection of malicious URLs and their attack types. Hence, it becomes necessary to know the attack type and adopt an effective countermeasure. This pa...
متن کامل