Anders Persson Masterthesis

Online banking and e-commerce applications have good protection against attacks directed direct towards their computer systems. This, the attacker has considered and instead use " social engineering " attacks, such as phishing to gain access to the information inside [1] [15] [20]. Phishing is a growing problem that many different companies are trying to develop a working protection against. The number of new phishing-sites per month increased by 1363 % between January 2005 and October 2006, from 2560 to 37 444 attacks [3] [2]. Today there are several different antiphishing applications as well as implemented methods to prevent attacks, but are they giving enough protection? In this paper we plan to investigate the concept of phishing to better understand the threat it provides. We will analyse 252 different phishing attacks and examine a number of existing antiphishing applications to see if there are possibilities to improve the different protection methods to improve the accuracy of such tools.