Phishing Is A Social Engineering Luring Technique

1384 Words6 Pages
Phishing is a social engineering luring technique, in which an attacker aims to steal sensitive information such as online banking passwords and credit card information from users. Phishing is generally carried over electronic communications such as email or instant messaging. A replica of the legitimate site is created and the users are directed to the phishing pages where it required for the personal information. In the past few years we have seen an increase in semantic attacks. The statistics of the anti-phishing working group confirm that finance, insurance, & real estate lead the top ten industries targeted, followed by manufacturing industries. As per the survey done by RSA Fraud Surveyor[14] it is identified that
…show more content…
[10][11] Conducted through study and analysis on anti-phishing toolbars which indicates that all the examined toolbars were ineffective to prevent a web page from phishing attacks. Dhamija and Tygar in [12] and Wu et al in [13] designed a prototype user interfaces, which forces designers to follow certain paths by adding either dynamic skin to the web pages or sensitive information location attributes to HTML codes while creating web pages.

The goal of this paper is to compare different approaches that are used to determine the phishing web pages to safeguard the web users from attackers. A lot of research has been done on anti-phishing in designing various approaches and categorized the current phishing detection into three main types Non-Content based approaches that do not use the website content to classify it as legitimate or phishing site, Content based approaches that use the site contents to detect phishing, and Visual similarity based approaches that identify website using the visual similarity with the known sites.
Non Content-Based Phishing: In Non Content-Based approach includes URL, host based classification of phishing sites, Blacklisting and Whitelisting methods. In URL based schemes, URLs are classified on the basis of both lexical and host features, which describes lexical patterns in malicious URL’s that includes features such as the length of the URL the number of dots,
Get Access