Nowadays, the most important risk and challenge in online system are online scam and phishing attacks. Phishing attacks have been always used to steal important information of users. In this kind of scam, attacker direct victim to fake pages using social engineering techniques, then, starts stealing users` important information such as passwords. In order to confronting these attacks, numerous ...

The internet and its various services have made users to easily communicate with each other. Internet benefits including online business and e-commerce. E-commerce has boosted online sales and online auction types. Despite their many uses and benefits, the internet and their services have various challenges, such as information theft, which challenges the use of these services. Information thef...

One of the most common and costly forms of deception and fraud online is phishing. Due to the ramifications of successful phishing attacks, security experts and researchers seek to better understand this phenomenon. Prior phishing research has addressed the “bait” and “hook” components of phishing attacks, the human-computer interaction that takes place as users judge the veracity of phishing e...

Phishing attack is new type of network attach and become a major nuisance on the internet. The rapidly progressof phishing attacksthe present secure socket layer is not able to provide and protect users from fraudulent websites. The attacks have been targeted the non-cryptographic security protocols likeTransport layer security and secure socket layerprotocols. These protocols are not sufficien...

Phishing in mobile applications is a relevant threat with successful attacks reported in the wild. In such attacks, malicious mobile applications masquerade as legitimate ones to steal user credentials. In this paper we categorize application phishing attacks in mobile platforms and possible countermeasures. We show that personalized security indicators can help users to detect phishing attacks...

Phishing is a growing phenomenon, which has not only caused billions in losses, but also has eroded consumer confidence in online transactions. To develop effective countermeasures, we need to understand how phishing e-mails exploit human vulnerabilities. We develop a framework to explore phishing from the perspective of victims. The framework helps understand different features that are utiliz...

Phishing is the combination of social engineering and technical exploits designed to convince a victim to provide personal information, usually for the monetary gain of the attacker. Phishing has become the most popular practice among the criminals of the Web. Phishing attacks are becoming more frequent and sophisticated. The impact of phishing is drastic and significant since it can involve th...

In a world where spear-phishing is one of the most common attacks used to steal confidential data, it is necessary to instruct technical and non-technical users about new mechanisms attackers can use to generate these attacks. We want to focus on phishing attacks, where a social engineer communicates a deceitful message to their victims in order to obtain some confidential information, because ...

We introduce tools to model and describe phishing attacks, allowing a visualization and quantification of the threat on a given complex system of web services. We use our new model to describe some new phishing attacks, some of which belong to a new class of abuse introduced herein: the context aware phishing attacks. We describe ways of using the model we introduce to quantify the risks of an ...

There is no agreed upon definition for Phishing. Although, the medium of attack may vary, the goal is to steal confidential information from an individual. Classical Phishing attacks via mass mailing have a low return of investment rate. Generally, one mass mailing of 100,000 emails may collect between 10 to 100 victims. On the contrary, Phishing scams targeted to a specific group of people in ...