Phishing has become a major attack vector for hackers and cost victims $687 million in the first half of 2012 alone. Additionally, despite technical solutions to defend against this threat, reports show that phishing attacks are increasing. There is therefore a pressing need to understand why users continue to fall victim to phishing, and how such attacks can be prevented. In this researchin-pr...

Security exploits can include cyber threats such as computer programs that can disturb the normal behavior of computer systems (viruses), unsolicited e-mail (spam), malicious software (malware), monitoring software (spyware), attempting to make computer resources unavailable to their intended users (Distributed Denial-of-Service or DDoS attack), the social engineering, and online identity theft...

Phishing, or web spoofing, is a growing problem: the Anti-Phishing Working Group (APWG) received almost 14,000 unique phishing reports in August 2005, a 56% jump over the number of reports in December 2004 [3]. $150,000 [17]. For financial institutions, phishing is a particularly insidious problem, since trust forms the foundation for customer relationships, and phishing attacks undermine confi...

Phishing and related cybercrime is responsible for billions of dollars in losses annually. Gartner reported more than 5 million U.S. consumers lost money to phishing attacks in the 12 months ending in September 2008 (Gartner 2009). This paper asks whether the majority of organised phishing and related cybercrime originates in Eastern Europe rather than elsewhere such as China or the USA. The Ru...

The problem of phishing has attracted considerable attention recently, and a number of solutions and enhanced security measures have been proposed. We perform a detailed analysis of several antiphishing schemes, and attacks and improvements. While several antiphishing technologies address commonly observed phishing tactics, the space evolves rapidly, and a good prevention technique should be ro...

This paper analyzes trends seen in phishing attacks throughout 2006 based on real-world data obtained through Symantec’s phishing data collection fabric. We examine both the prevalence and breakdown of phishing web sites as well as the frequency and breakdown of phishing emails. Beyond just the extent of data collected, our study differs from previously published studies in this area in two reg...

Phishing attacks have become an increasing threat to online users. Recent research has begun to focus on the factors that cause people to respond to them. Our study examines the correlation between the Big Five personality traits and email phishing response. We also examine how these factors affect users behavior on Facebook, including posting personal information and choosing Facebook privacy ...

Anti-phishing detection solutions employed in industry use blacklist-based approaches to achieve low falsepositive rates, but blacklist approaches utilizes website URLs only. This study analyses and combines phishing emails and phishing web-forms in a single framework, which allows feature extraction and feature model construction. The outcome should classify between phishing, suspicious, legit...