Phishing is a technique of the fraudulent by creating exact look-a-like well known portal and making the possibility such that the users are navigated to phishing portal rather than the original portal and capturing the sensitive data like usernames, passwords etc. with the advantage of phishing portal and misusing the information. Many have proposed the solution for anti-Phishing area and thei...

As the battle against phishing continues, many questions remain about where stakeholders should place their efforts to achieve effective prevention, speedy detection, and fast action. Do stakeholders have sufficient incentives to act? What should be the top priorities for the anti-phishing community? To provide insights into these questions we conducted 31 in-depth interviews with anti-phishing...

The World Wide Web has become the hotbed of a multi-billion dollar underground economy among cyber criminals whose victims range from individual Internet users to large corporations and even government organizations. As phishing attacks are increasingly being used by criminals to facilitate their cyber schemes, it is important to develop effective phishing detection tools. In this paper, we pro...

Nowadays, the most important risk and challenge in online system are online scam and phishing attacks. Phishing attacks have been always used to steal important information of users. In this kind of scam, attacker direct victim to fake pages using social engineering techniques, then, starts stealing users` important information such as passwords. In order to confronting these attacks, numerous ...

Mobile application phishing happens when a malicious mobile application masquerades as a legitimate one to steal user credentials. Personalized security indicators may help users to detect phishing attacks, but rely on the user’s alertness. Previous studies in the context of website phishing have shown that users tend to ignore personalized security indicators and fall victim to attacks despite...

Efforts to combat phishing and fraud online often center around filtering the phishing messages and disabling phishing Web sites to prevent users from being deceived. Two potential approaches to disabling a phishing site are (1) to eliminate the required DNS records to reach the site and (2) to remove the site from the machine itself. While previous work has focused on DNS take-down efforts, we...

Phishing has by far become the most dangerous form of fraud to hit online business. Due to the key role in accessing the Internet, web browsers are at a strategic position to offer the protection against the risks of phishing attacks. Varieties of security companies have proposed their browser-based antiphishing solutions to protect the end-use. In this paper, we used 3403 fresh phishing URLs a...

Phishing is a growing phenomenon, which has not only caused billions in losses, but also has eroded consumer confidence in online transactions. To develop effective countermeasures, we need to understand how phishing e-mails exploit human vulnerabilities. We develop a framework to explore phishing from the perspective of victims. The framework helps understand different features that are utiliz...

The aim of phishing is tracing the users' s private information without their permission by designing a new website which mimics the trusted website. The specialists of information technology do not agree on a unique definition for the discriminative features that characterizes the phishing websites. Therefore, the number of reliable training samples in phishing detection problems is limited. M...

Phishing websites continue to successfully exploit user vulnerabilities in household and enterprise settings. Existing anti-phishing tools lack the accuracy and generalizability needed to protect Internet users and organizations from the myriad of attacks encountered daily. Consequently, users often disregard these tools’ warnings. In this study, using a design science approach, we propose a no...