Nowadays Online transactions are become very common and there are various attacks occur behind this. In these types of various attacks, phishing is very common attack. For detecting this attack various anti-phishing mechanisms are used. Propose a new authentication scheme for se-cure OTP distribution in phishing website detection through EVC and QR codes. The Website Detection using extended vi...

We identify and describe a new type of phishing attack that circumvents what is probably today’s most efficient defense mechanism in the war against phishing, namely the shutting down of sites run by the phisher. This attack is carried out using what we call a distributed phishing attack (DPA). The attack works by a per-victim personalization of the location of sites collecting credentials and ...

With the convergence of Internet and telephony, new applications (e.g., WhatsApp) have emerged as an important means of communication for billions of users. These applications are becoming an attractive medium for attackers to deliver spam and carry out more targeted attacks. Since such applications rely on phone numbers, we explore the feasibility, automation, and scalability of phishing attac...

Security threats and potential breaches can stem from a wide variety of vulnerabilities, ranging from simple password theft or spyware to Trojan horses, keyword sniffers and more. But the tactic that combines high levels of deception, great potential risk of loss and broad distribution is a new form of “man-in-themiddle” attack—real-time phishing. Man-in-the-middle attacks are not new—they’ve b...

Phishing attacks are one of the trending cyber-attacks that apply socially engineered messages that are communicated to people from professional hackers aiming at fooling users to reveal their sensitive information, the most popular communication channel to those messages is through users’ emails. This paper presents an intelligent classification model for detecting phishing emails using knowle...

In this paper, we perform a thorough study on the risks imposed by the globally accessible Android Clipboard. Based on the risk assessment, we formulate a series of attacks and categorize them into two groups, i.e., manipulation and stealing. Clipboard data manipulation may lead to common code injection attacks, like JavaScript injection and command injection. Furthermore, it can also cause phi...

Until now, although many researchers proposed a variety of authentication protocol to verify the identity of the clients, most of these protocols are inefficient and ineffective. Gouda et al. proposed an anti-phishing single password protocol, but it is vulnerable to pharming attacks. In this paper, we show that the protocol is insecure, and propose a hash-based password authentication protocol...

This paper compares the risk factors for becoming a victim of two types of phishing: high-tech phishing (using malicious software) and low-tech phishing (using e-mails and telephone calls). These risk factors are linked to possibilities for situational crime prevention. Data from a cybercrime victim survey in the Netherlands (n=10,316) is used. Based on routine activity theory, the multivariate...

Purpose – Phishing is essentially a social engineering crime on the Web, whose rampant occurrences and technique advancements are posing big challenges for researchers in both academia and the industry. The purpose of this study is to examine the available phishing literatures and phishing countermeasures, to determine how research has evolved and advanced in terms of quantity, content and publ...

It is expected that mobile phones will be used in various e-commerce applications, since it is handy and frequently used. Another important aspect is that mobile phones approach computers both with respect to programmability and capacity. One example of a cutting edge application is a generic authentication mechanism invented by a new Norwegian startup company: a mobile terminal is used as a pa...