Relevant bibliographies by topics / Phishing / Journal articles
To see the other types of publications on this topic, follow the link: Phishing.

Journal articles on the topic 'Phishing'

Author: Grafiati
Published: 4 June 2021
Last updated: 25 May 2024

Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles

Select a source type:

Consult the top 50 journal articles for your research on the topic 'Phishing.'

Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.

You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.

Browse journal articles on a wide variety of disciplines and organise your bibliography correctly.

1

Jansson, K., and R. von Solms. "Phishing for phishing awareness." Behaviour & Information Technology 32, no. 6 (June 2013): 584–93. http://dx.doi.org/10.1080/0144929x.2011.632650.

Full text
APA, Harvard, Vancouver, ISO, and other styles
2

Brenner, Philip S. "Can Phishing Tank Survey Response Rates? Evidence from a Natural Experiment." Field Methods 31, no. 4 (September 11, 2019): 295–308. http://dx.doi.org/10.1177/1525822x19872443.

Full text
Abstract:
In today’s survey climate, many individuals doubt the legitimacy of survey invitations. Phishing, an Internet-based fraud that tricks users into disclosing private information, has the potential to further erode the perceived legitimacy of e-mailed survey invitations and harm cooperation. However, no study has tested the effect of phishing on response rates. This article reports on a natural experiment examining phishing’s effect on survey response. University faculty and staff received an invitation to participate in an annual web survey on satisfaction with information technology (IT) services followed by a request to participate in a second “survey” ostensibly sent by another university department. However, the second survey invitation was a simulated phishing attack sent by the IT department. Analysis of response rates and the timing of responses from each of the last five years of the legitimate survey suggests that the phishing simulation dramatically reduced response compared to predictions based on previous years.
APA, Harvard, Vancouver, ISO, and other styles
3

Idna Idris, Mohd Yamani, Madihah Mohd Saudi, Shaharudin Ismail, and Emran Mohd Tamil. "Phishing." International Journal of Learning: Annual Review 12, no. 8 (2007): 79–88. http://dx.doi.org/10.18848/1447-9494/cgp/v14i08/45418.

Full text
APA, Harvard, Vancouver, ISO, and other styles
4

Fox, Dirk. "Phishing." Datenschutz und Datensicherheit - DuD 45, no. 11 (November 2021): 717. http://dx.doi.org/10.1007/s11623-021-1521-3.

Full text
APA, Harvard, Vancouver, ISO, and other styles
5

Gandhi, V. Karamchand, and Prof R. Senthil Kumar. "A Study on Phishing: Preventions and Anti-Phishing Solutions." International Journal of Scientific Research 1, no. 2 (June 1, 2012): 68–69. http://dx.doi.org/10.15373/22778179/jul2012/21.

Full text
APA, Harvard, Vancouver, ISO, and other styles
6

Fatima, Rubia, Affan Yasin, Lin Liu, and Jianmin Wang. "How persuasive is a phishing email? A phishing game for phishing awareness." Journal of Computer Security 27, no. 6 (October 11, 2019): 581–612. http://dx.doi.org/10.3233/jcs-181253.

Full text
APA, Harvard, Vancouver, ISO, and other styles
7

Zieni, Rasha, Luisa Massari, and Maria Carla Calzarossa. "Phishing or Not Phishing? A Survey on the Detection of Phishing Websites." IEEE Access 11 (2023): 18499–519. http://dx.doi.org/10.1109/access.2023.3247135.

Full text
APA, Harvard, Vancouver, ISO, and other styles
8

Mohamed, Gori, J. Visumathi, Miroslav Mahdal, Jose Anand, and Muniyandy Elangovan. "An Effective and Secure Mechanism for Phishing Attacks Using a Machine Learning Approach." Processes 10, no. 7 (July 12, 2022): 1356. http://dx.doi.org/10.3390/pr10071356.

Full text
Abstract:
Phishing is one of the biggest crimes in the world and involves the theft of the user’s sensitive data. Usually, phishing websites target individuals’ websites, organizations, sites for cloud storage, and government websites. Most users, while surfing the internet, are unaware of phishing attacks. Many existing phishing approaches have failed in providing a useful way to the issues facing e-mails attacks. Currently, hardware-based phishing approaches are used to face software attacks. Due to the rise in these kinds of problems, the proposed work focused on a three-stage phishing series attack for precisely detecting the problems in a content-based manner as a phishing attack mechanism. There were three input values—uniform resource locators and traffic and web content based on features of a phishing attack and non-attack of phishing website technique features. To implement the proposed phishing attack mechanism, a dataset is collected from recent phishing cases. It was found that real phishing cases give a higher accuracy on both zero-day phishing attacks and in phishing attack detection. Three different classifiers were used to determine classification accuracy in detecting phishing, resulting in a classification accuracy of 95.18%, 85.45%, and 78.89%, for NN, SVM, and RF, respectively. The results suggest that a machine learning approach is best for detecting phishing.
APA, Harvard, Vancouver, ISO, and other styles
9

Singh, Kuldeep, Palvi Aggarwal, Prashanth Rajivan, and Cleotilde Gonzalez. "Training to Detect Phishing Emails: Effects of the Frequency of Experienced Phishing Emails." Proceedings of the Human Factors and Ergonomics Society Annual Meeting 63, no. 1 (November 2019): 453–57. http://dx.doi.org/10.1177/1071181319631355.

Full text
Abstract:
We studied people’s success on the detection of phishing emails after they were trained under one of three phishing frequency conditions, where the proportion of the phishing emails during training varied as: low frequency (25% phishing emails), medium frequency (50% phishing emails) and high frequency (75% phishing emails). Individual base susceptibility to phishing emails was measured in a pre-training phase in which 20% of the emails were phishing; this performance was then compared to a post-training phase in which participants aimed at detecting new rare phishing emails (20% were phishing emails). The Hit rates, False Alarm rates, sensitivities and response criterion were analyzed. Results revealed that participants receiving higher frequency of phishing emails had a higher hit rate but also higher false alarm rate at detecting phishing emails at post-training compared to participants encountering lower frequency levels during training. These results have implications for designing new training protocols for improving detection of phishing emails.
APA, Harvard, Vancouver, ISO, and other styles
10

Kumari, Khushboo, and Feon Jaison. "Detection of URL Based Phishing Websites Using Machine Learning in Django Framework." International Journal for Research in Applied Science and Engineering Technology 10, no. 3 (March 31, 2022): 1151–53. http://dx.doi.org/10.22214/ijraset.2022.40828.

Full text
Abstract:
Abstract: In this modern world, Phishing website detection is one of the most critical tasks in the world. In the recent times, a lot of people have suffered phishing attack due to phishing website. Machine Learning plays an important role in prediction of phishing website in the network. The proposed method predicts the URL based phishing websites based on features and also gives maximum accuracy to predict the result. This method uses uniform resource locator (URL) features to detect. It identified features that phishing site URLs contain. The proposed method takes those features for phishing detection. Security of the phishing detection website is also a major concern which is solved by providing administration who can manage the phishing detection website. Keywords: Phishing site, Machine learning, Legitimate, Prediction
APA, Harvard, Vancouver, ISO, and other styles
11

Cheena, Ms, and Dr S. Radha Rammohan. "Detection and Prevention of Phishing Attacks in DDoS Using Collaborative Learning Algorithm." International Journal for Research in Applied Science and Engineering Technology 11, no. 2 (February 28, 2023): 747–50. http://dx.doi.org/10.22214/ijraset.2023.48906.

Full text
Abstract:
Abstract: Threat to cyber security are significant in providing phishing attacks with huge industry area with anti phishing simulations. Thus it minimizes risk taken infuses attacks with phishing. Large scale phishing training participates various simulations based on phishing attacks. In our proposed system phishing attacks will be analysed based on its credentials and simulated with training data results. They are developed along with data driven models for classification of users perceiving such phishing attacks. Besides analyzation of results based on huge attacks on phishing and training them against those phishing data users most clicking behaviour will be monitored regularly. Cyber phishing attacks in DDoS are significant in IoT are threat in internet environment and predicts attacks through collaborative learning algorithm. Attacked systems connected through onine processes malicious actions without any authorized or authenticated attacks. Further phishing techniques will be predicted using training data and updated on machine learning using Collaborative Learning Algorithm.
APA, Harvard, Vancouver, ISO, and other styles
12

HURZHII, S. "Organizational and technical aspect of anti-phishing." INFORMATION AND LAW, no. 3(46) (September 5, 2023): 176–86. http://dx.doi.org/10.37750/2616-6798.2023.3(46).287251.

Full text
Abstract:
The definition and types of phishing are determined. The specifics of the phishing attacks were detailed. The procedural technological issues in relation to phishing have been clarified. The algorithm for detecting bad phishing emails has been reviewed. The traditional methods of countering phishing attacks are shown. The general recommendations were made to prevent phishing. The directions of improvement of national legislation with the aim of strengthening the powers of the state to combat phishing are proposed.
APA, Harvard, Vancouver, ISO, and other styles
13

Gupta, Suraj Rakesh. "Review on Phishing Attack Detection using Recurrent Neural Network." International Journal for Research in Applied Science and Engineering Technology 9, no. 11 (November 30, 2021): 185–88. http://dx.doi.org/10.22214/ijraset.2021.38756.

Full text
Abstract:
Abstract: Phishing is a crime that involves the theft of personal information from users. Individuals, corporations, cloud storage, and government websites are all targets for the phishing websites. Anti-phishing technologies based on hardware are commonly utilised, while software-based options are preferred due to cost and operational considerations. Current phishing detection systems have no solution for problems like zero-day phishing assaults. To address these issues, a three-phase attack detection system called the Phishing Attack Detector based on Web Crawler was suggested, which uses a recurrent neural network to precisely detect phishing incidents. Based on the classification of phishing and non-phishing pages, it covers the input features Web traffic, web content, and Uniform Resource Locator (URL). Keywords: Attack detection, Recurrent Neural Network, Deep Learning.
APA, Harvard, Vancouver, ISO, and other styles
14

Welk, Allaire K., Kyung Wha Hong, Olga A. Zielinska, Rucha Tembe, Emerson Murphy-Hill, and Christopher B. Mayhorn. "Will the “Phisher-Men” Reel You In?" International Journal of Cyber Behavior, Psychology and Learning 5, no. 4 (October 2015): 1–17. http://dx.doi.org/10.4018/ijcbpl.2015100101.

Full text
Abstract:
Phishing is an act of technology-based deception that targets individuals to obtain information. To minimize the number of phishing attacks, factors that influence the ability to identify phishing attempts must be examined. The present study aimed to determine how individual differences relate to performance on a phishing task. Undergraduate students completed a questionnaire designed to assess impulsivity, trust, personality characteristics, and Internet/security habits. Participants performed an email task where they had to discriminate between legitimate emails and phishing attempts. Researchers assessed performance in terms of correctly identifying all email types (overall accuracy) as well as accuracy in identifying phishing emails (phishing accuracy). Results indicated that overall and phishing accuracy each possessed unique trust, personality, and impulsivity predictors, but shared one significant behavioral predictor. These results present distinct predictors of phishing susceptibility that should be incorporated in the development of anti-phishing technology and training.
APA, Harvard, Vancouver, ISO, and other styles
15

Dadkhah, Mehdi, Shahaboddin Shamshirband, and Ainuddin Wahid Abdul Wahab. "A hybrid approach for phishing web site detection." Electronic Library 34, no. 6 (November 7, 2016): 927–44. http://dx.doi.org/10.1108/el-07-2015-0132.

Full text
Abstract:
Purpose This paper aims to present a hybrid approach based on classification algorithms that was capable of identifying different types of phishing pages. In this approach, after eliminating features that do not play an important role in identifying phishing attacks and also after adding the technique of searching page title in the search engine, the capability of identifying journal phishing and phishing pages embedded in legal sites was added to the presented approach in this paper. Design/methodology/approach The hybrid approach of this paper for identifying phishing web sites is presented. This approach consists of four basic sections. The action of identifying phishing web sites and journal phishing attacks is performed via selecting two classification algorithms separately. To identify phishing attacks embedded in legal web sites also the method of page title searching is used and then the result is returned. To facilitate identifying phishing pages the black list approach is used along with the proposed approach so that the operation of identifying phishing web sites can be performed more accurately, and, finally, by using a decision table, it is judged that the intended web site is phishing or legal. Findings In this paper, a hybrid approach based on classification algorithms to identify phishing web sites is presented that has the ability to identify a new type of phishing attack known as journal phishing. The presented approach considers the most used features and adds new features to identify these attacks and to eliminate unused features in the identifying process of these attacks, does not have the problems of previous techniques and can identify journal phishing too. Originality/value The major advantage of this technique was considering all of the possible and effective features in identifying phishing attacks and eliminating unused features of previous techniques; also, this technique in comparison with other similar techniques has the ability of identifying journal phishing attacks and phishing pages embedded in legal sites.
APA, Harvard, Vancouver, ISO, and other styles
16

Mohd Zaharon, Nur Farhana, Mazurina Mohd Ali, and Suhaily Hasnan. "Factors Affecting Awareness of Phishing Among Generation Y." Asia-Pacific Management Accounting Journal 16, no. 2 (August 31, 2021): 409–44. http://dx.doi.org/10.24191/apmaj.v16i2-15.

Full text
Abstract:
The purpose of this study was to determine the factors affecting awareness of phishing among Generation Y in Malaysia. Specifically, this study identified three factors that may influence awareness of phishing by applying the Theory of Technology Threat Avoidance. The factors are social engineering, anti-phishing knowledge, and security concern. Data was collected through a questionnaire survey. This study found that all the factors significantly influenced awareness of phishing among Generation Y in Malaysia. The findings of this study provide a further understanding of the factors that affect awareness of phishing. This study would benefit the public, especially Generation Y, the government, and all types of businesses, including financial institutions, by raising awareness of phishing and reducing phishing attacks. Keywords: phishing, Generation Y, social engineering, anti-phishing knowledge, security concern
APA, Harvard, Vancouver, ISO, and other styles
17

V, Mrs Pallavi K., Simran Banu H. Shirahatti, Soniya Devi T, Syed Owais Umair, and Syed Waseem Ahmed. "Phishing - A Common Cyber Menace to Combat." International Journal for Research in Applied Science and Engineering Technology 12, no. 4 (April 30, 2024): 2307–10. http://dx.doi.org/10.22214/ijraset.2024.60283.

Full text
Abstract:
Abstract: Phishing is the most common type of cyber threat existing today. In this paper the aim is to do a quick survey about phishing. Phishing is an attack made to gain unauthorized access to the sensitive information about a person on internet by impersonating the websites they use. This paper also talks about the several means and mechanisms that exists to combat phishing attacks. The intruders mostly use emails, messages, or websites that appear to be from a trusted source to trick the victims into divulging sensitive information. Phished links are to be detected and the users must be protected from it. To assist enterprises in identifying and mitigating phishing risks, a number industry solutions and technologies are available for phishing link detection. Email security gateways, endpoint protection, URL filtering, cyber suites etc. Most common types of phishing include Email phishing, SMS phishing etc. As mentioned above there are quite a few solutions available but most of it is for the Email phishing, SMS phishing still needs some attention. With the emergence of mobile banking in the recent times, SMS phishing has seen a sudden rise. The study looks into how cooperative data sharing systems and threat intelligence feeds might work together. With the help of this cooperative method, the system can swiftly adjust to new phishing attempts and increase the overall accuracy of link detection by drawing on a communal knowledge base. The study of phishing link detection adds to the continuous endeavours to improve cybersecurity. The developed systems aim to offer a strong defence against the constantly changing landscape of phishing threats by integrating advanced technologies, behavioural analysis, and collaborative intelligence. This will ultimately protect individuals and organizations from the potentially disastrous consequences of phishing attacks
APA, Harvard, Vancouver, ISO, and other styles
18

Perrault, Evan K. "Using an Interactive Online Quiz to Recalibrate College Students’ Attitudes and Behavioral Intentions About Phishing." Journal of Educational Computing Research 55, no. 8 (March 23, 2017): 1154–67. http://dx.doi.org/10.1177/0735633117699232.

Full text
Abstract:
Despite improved spam filtering technology, phishing continues to be a prevalent threat for college students. The current study found that approximately 4-in-10 of the students surveyed ( N = 462) indicate they do not know what phishing is and the threat it poses. Students also report initially overestimating their confidence to successfully recognize phishing attempts, and underestimating their susceptibility to being the victim of an attack. By completing an interactive online phishing quiz, which explained what to look for in both counterfeit and legitimate email messages, students’ self-efficacy to identify phishing attempts increased, as did their perceived susceptibility to phishing attacks, their perceptions of the severity of phishing, their intentions to learn more about the topic, and their intentions to discuss phishing with others. These results indicate that a simple, interactive online phishing quiz could be used as an effective teaching tool to supplement existing educational attempts regarding phishing on college campuses.
APA, Harvard, Vancouver, ISO, and other styles
19

Rastenis, Justinas, Simona Ramanauskaitė, Justinas Janulevičius, Antanas Čenys, Asta Slotkienė, and Kęstutis Pakrijauskas. "E-mail-Based Phishing Attack Taxonomy." Applied Sciences 10, no. 7 (March 30, 2020): 2363. http://dx.doi.org/10.3390/app10072363.

Full text
Abstract:
The amount of fraud on the Internet is increasing along with the availability and the popularity of the Internet around the world. One of the most common forms of Internet fraud is phishing. Phishing attacks seek to obtain a user’s personal or secret information. The variety of phishing attacks is very broad, and usage of novel, more sophisticated methods complicates its automated filtering. Therefore, it is important to form up-to-date and detailed phishing attack taxonomy, which could be used for both human education purposes as well as phishing attack discrete notation. In this paper, we propose an e-mail-based phishing attack taxonomy, which includes six phases of the attack. Each phase has at least one criterion for the attack categorization. Each category is described, and in some cases the categories have sub-classes to present the full variety of phishing attacks. The proposed taxonomy is compared to similar taxonomies. Our taxonomy outperforms other phishing attack taxonomies in numbers of phases, criteria and distinguished classes. Validation of the proposed taxonomy is achieved by adapting it as a phishing attack notation for an incident management system. Taxonomy usage for phishing attack notation increases the level of description of phishing attacks compared to free-form phishing attack descriptions.
APA, Harvard, Vancouver, ISO, and other styles
20

Abbasi, Ahmed, David Dobolyi, Anthony Vance, and Fatemeh Mariam Zahedi. "The Phishing Funnel Model: A Design Artifact to Predict User Susceptibility to Phishing Websites." Information Systems Research 32, no. 2 (June 2021): 410–36. http://dx.doi.org/10.1287/isre.2020.0973.

Full text
Abstract:
Phishing is a significant security concern for organizations, threatening employees and members of the public. Phishing threats against employees can lead to severe security incidents, whereas those against the public can undermine trust, satisfaction, and brand equity. At the root of the problem is the inability of Internet users to identify phishing attacks even when using anti-phishing tools. We propose the phishing funnel model (PFM), a framework for predicting user susceptibility to phishing websites. PFM incorporates user, threat, and tool-related factors to predict actions during four key stages of the phishing process: visit, browse, consider legitimate, and intention to transact. We evaluated the efficacy of PFM in a 12-month longitudinal field experiment in two organizations involving 1,278 employees and 49,373 phishing interactions. PFM significantly outperformed competing models in terms of its ability to predict user susceptibility to phishing attacks. A follow-up three-month field study revealed that employees using PFM were significantly less likely to interact with phishing threats relative to comparison models and baseline warnings. Results of a cost-benefit analysis suggest that interventions guided by PFM could reduce annual phishing-related costs by nearly $1,900 per employee relative to comparison prediction methods.
APA, Harvard, Vancouver, ISO, and other styles
21

P.M, Dinesh, Mukesh M, Navaneethan B, Sabeenian R.S, Paramasivam M.E, and Manjunathan A. "Identification of Phishing Attacks using Machine Learning Algorithm." E3S Web of Conferences 399 (2023): 04010. http://dx.doi.org/10.1051/e3sconf/202339904010.

Full text
Abstract:
Phishing is a particular type of cybercrime that allows criminals to trick people and steal crucial data. The phishing assault has developed into a more complex attack vector since the first instance was published in 1990. Phishing is currently one of the most prevalent types of online fraud behavior. Phishing is done using a number of methods, such as through emails, phone calls, instant chats, adverts, pop-up windows on websites, and DNS poisoning. Phishing attacks can cause their victims to suffer significant losses, including the loss of confidential information, identity theft, businesses, and state secrets. By examining current phishing practises and assessing the state of phishing, this article seeks to assess these attacks. This article offers a fresh, in-depth model of phishing that takes into account attack stages, different types of attackers, threats, targets, attack media, and attacking strategies. Here, we categorise websites as real or phishing websites using machine learning techniques including Random Forest, XGBoost, and Logistic Regression. Additionally, the proposed anatomy will aid readers in comprehending the lifespan of a phishing attack, raising awareness of these attacks and the strategies employed as well as aiding in the creation of a comprehensive anti-phishing system.
APA, Harvard, Vancouver, ISO, and other styles
22

R, Gokul, and Felix M. Philip. "Phishing Detection." YMER Digital 21, no. 06 (June 15, 2022): 405–12. http://dx.doi.org/10.37896/ymer21.06/39.

Full text
Abstract:
The phishing email is one of the significant threats in the world today and has caused tremendous financial losses. Phishing is a type of social engineering attack often used to steal user data, including login credentials and credit card numbers. It occurs when an attacker, masquerading as a trusted entity, dupes a victim into opening an email, instant message, or text message. Although the methods of confrontation are continually being updated, the results of those methods are not very satisfactory at present. Moreover, phishing emails are growing at an alarming rate in recent years. Therefore, more effective phishing detection technology is needed to curb the threat of phishing emails. So There are many ways to detect these phishing mails nowadays using Machine Learning. so using the phishing mail detector where these links could be tested and then predicted and to detect whether it is a spam or not. Keywords: Phishing mail, Social engineering, Machine learning
APA, Harvard, Vancouver, ISO, and other styles
23

Agarwal, Naveen, Scott Renfro, and Arturo Bejar. "Phishing Forbidden." Queue 5, no. 5 (July 2007): 28–32. http://dx.doi.org/10.1145/1281881.1281890.

Full text
APA, Harvard, Vancouver, ISO, and other styles
24

Jagatic, Tom N., Nathaniel A. Johnson, Markus Jakobsson, and Filippo Menczer. "Social phishing." Communications of the ACM 50, no. 10 (October 2007): 94–100. http://dx.doi.org/10.1145/1290958.1290968.

Full text
APA, Harvard, Vancouver, ISO, and other styles
25

Larcom, G., and A. J. Elbirt. "Gone phishing." IEEE Technology and Society Magazine 25, no. 3 (2006): 52–55. http://dx.doi.org/10.1109/mtas.2006.1700023.

Full text
APA, Harvard, Vancouver, ISO, and other styles
26

Knight, William. "Goin' phishing?" Infosecurity Today 1, no. 4 (July 2004): 36–38. http://dx.doi.org/10.1016/s1742-6847(04)00089-8.

Full text
APA, Harvard, Vancouver, ISO, and other styles
27

Grimes, Roger A. "Fighting phishing." Computer Fraud & Security 2019, no. 7 (July 2019): 20. http://dx.doi.org/10.1016/s1361-3723(19)30076-4.

Full text
APA, Harvard, Vancouver, ISO, and other styles
28

Brooks, Peter. "Phishing tips." New Scientist 192, no. 2577 (November 2006): 27. http://dx.doi.org/10.1016/s0262-4079(06)60968-8.

Full text
APA, Harvard, Vancouver, ISO, and other styles
29

Elmaleh, Dan. "Phishing forbidden." Card Technology Today 19, no. 9 (September 2007): 12–13. http://dx.doi.org/10.1016/s0965-2590(07)70137-8.

Full text
APA, Harvard, Vancouver, ISO, and other styles
30

Johnson, Victor A. "Phishing Tripz." Journal of Digital Forensic Practice 1, no. 3 (September 2006): 153–55. http://dx.doi.org/10.1080/15567280600995717.

Full text
APA, Harvard, Vancouver, ISO, and other styles
31

Butler, David J. "Phishing holidays." Tourism Economics 24, no. 6 (May 18, 2018): 690–700. http://dx.doi.org/10.1177/1354816618774484.

Full text
Abstract:
A recent book by Nobel laureates Akerlof and Shiller, Phishing for Phools, has drawn attention to the ‘dark side’ of the nudge. This article presents the timeshare market as an exemplar; a number of features of this market make it uniquely suitable for this purpose. I highlight the manner in which developers leverage consumer biases and cognitive limitations to secure sales. I then draw comparisons with the timeshare resale market to estimate the loss to consumers. I finish with some possible recommendations for reform.
APA, Harvard, Vancouver, ISO, and other styles
32

Doke, Tanmay, Pranav Khismatrao, Vaibhav Jambhale, and Nilesh Marathe. "Phishing-Inspector: Detection & Prevention of Phishing Websites." ITM Web of Conferences 32 (2020): 03004. http://dx.doi.org/10.1051/itmconf/20203203004.

Full text
Abstract:
With a tremendous boost in technologies & available learning material developing any website has become very easy. Due to this the number of websites are exponentially growing day by day. The traditional approach of comparing websites with Blacklist and whitelist is not so efficient. As attackers have become more intelligent regarding hiding and redirecting of the URL and thereby tricking the user into phishing attack without been getting detected. So there’s a need to have a novel approaches based on Machine learning (ML) which would expose this phishing websites. In this paper, the proposed system is an extension to web browser which made use of ML algorithm to extract various features and thereby helping the user to distinguish between Legitimate website and Phishing website.
APA, Harvard, Vancouver, ISO, and other styles
33

Hawa Apandi, Siti, Jamaludin Sallim, and Roslina Mohd Sidek. "Types of anti-phishing solutions for phishing attack." IOP Conference Series: Materials Science and Engineering 769 (June 9, 2020): 012072. http://dx.doi.org/10.1088/1757-899x/769/1/012072.

Full text
APA, Harvard, Vancouver, ISO, and other styles
34

T. Venkat Narayana Rao, Sreeja Reddy. "Investigation of Phishing Attacks and Means to Utilize Anti Phishing Techniques." International Journal on Recent and Innovation Trends in Computing and Communication 7, no. 2 (February 28, 2019): 05–10. http://dx.doi.org/10.17762/ijritcc.v7i2.5224.

Full text
Abstract:
Advancement of technology have both positive and negative impacts. Some of the negative impacts are cyber crimes. Cyber crimes have become more dangerous. Phishing is one of the cyber crime which results in exploitation of data. There are many phishing attacks which are identified every day. There are different techniques in phishing attacks. We have to reduce those attacks by employing suitable anti-phishing techniques. Some of the anti-phishing techniques and algorithms are discussed in this paper. History of phishing and the lifecycle are also discussed in this paper. People should be aware of all such phishing and the anti-phishing techniques. They have to be careful while checking their mails and should not click on any links or downloadable malware files.
APA, Harvard, Vancouver, ISO, and other styles
35

Anton, Guda, and Klishch Sergey. "Phishing like the first step to gaining access." System technologies 4, no. 147 (November 13, 2023): 141–54. http://dx.doi.org/10.34185/1562-9945-4-147-2023-13.

Full text
Abstract:
Phishing as a term that means the technique of sending phishing messages will be re-searched based on findings in public access and using the listed links. The process of a phish-ing attack will be analyzed, and then we will pay attention to the technical vectors of how us-ers become victims of the attack. Finally, existing research on phishing attacks and related prevention approaches will be reviewed. Mitigating phishing attacks is an important research topic worth exploring. Although a lot of research has been done, this threat still exists in the real world, and its prevalence is constantly increasing. According to research results, detecting phishing attacks is a difficult problem. There are two main strategies used to mitigate phishing attacks; or improving the performance of phishing detection technology or improving people's awareness of these at-tacks. Developing human expertise is a key way to defeat phishing attacks, as phishing attacks exploit human weaknesses rather than network weaknesses. Also, humans are always the weakest link in social engineering attacks. Compared to phishing website detection, phishing email detection may require user in-volvement to achieve better detection results. Because the success of a phishing email de-pends on its context. Specifically, when the premise of the phishing email is consistent with the user's work context (or current situation). Most anti-phishing solutions are implemented to mitigate general phishing attacks, but they ignore some specific situations, such as advanced phishing attacks. To prevent advanced phishing attacks, phishing websites are difficult to detect if a victim is attacked using stolen DNS data because the URL content and website content are the same as legitimate websites. Most content-based approaches may not work because the content of the accessed URL is an important factor in the decision. To prevent subdomain hijacking attacks, it is difficult to detect a phishing website if the phishers have hosted the website on a subdomain taken from a legitimate website. Regardless of the web content, URL, and SSL certificate information, they will all be the same as the le-gitimate website. Moreover, the approach to enumeration of subdomains needs improvement, as most current tools are based on rough enumeration, existing dictionaries may not cover all instances of subdomains, as some subdomains may be meaningless.
APA, Harvard, Vancouver, ISO, and other styles
36

Darem, A. "Anti-Phishing Awareness Delivery Methods." Engineering, Technology & Applied Science Research 11, no. 6 (December 11, 2021): 7944–49. http://dx.doi.org/10.48084/etasr.4600.

Full text
Abstract:
Phishing attacks are increasingly exploited by cybercriminals, they become more sophisticated and evade detection even by advanced technical countermeasures. With cybercriminals resorting to more sophisticated phishing techniques, strategies, and different channels such as social networks, phishing is becoming a hard problem to solve. Therefore, the main objective for any anti-phishing solution is to minimize phishing success and its consequences through complementary means to advanced technical countermeasures. Specifically, phishing threats cannot be controlled by technical controls alone, thus it is imperative to complement cybersecurity programs with cybersecurity awareness programs to successfully fight against phishing attacks. This paper provides a review of the delivery methods of cybersecurity training programs used to enhance personnel security awareness and behavior in terms of phishing threats. Although there are a wide variety of educational intervention methods against phishing, the differences between the cybersecurity awareness delivery methods are not always clear. To this end, we present a review of the most common methods of workforce cybersecurity training methods in order for them to be able to protect themselves from phishing threats.
APA, Harvard, Vancouver, ISO, and other styles
37

Chen, Shihan, Yixiang Lu, and Dong-Jie Liu. "Phishing Target Identification Based on Neural Networks Using Category Features and Images." Security and Communication Networks 2022 (December 6, 2022): 1–12. http://dx.doi.org/10.1155/2022/5653270.

Full text
Abstract:
Phishing attack, as a significant security concern in cyberspace, has continuously threatened organizations and Internet users. For organizations, the rise in the number of phishing target brands has instilled distrust and dissatisfaction in legitimate Internet users and even damaged brand equity. Therefore, more fine-grained phishing detection mechanisms are urgently needed. In this study, we propose PTI-NN, an effective model based on neural networks that uses category features and images to identify the target brands of phishing websites. We furthermore contribute a new dataset including 3,500 phishing websites and present thirty phishing category features, which facilitate pertinent phishing detection in the field of cyber security. In the proposed PTI-NN, an embedding-based DNN is constructed to process the category features, a 2D-CNN is constructed to process the images, and finally, a fully connected layer is used to predict the target brand of phishing websites. The experimental results show that our proposed model is able to classify seventy phishing-targeted brands with a high accuracy of 91.10%, which showcases the effectiveness of our method on the identification of phishing target brands.
APA, Harvard, Vancouver, ISO, and other styles
38

Tang, Lizhen, and Qusay H. Mahmoud. "A Survey of Machine Learning-Based Solutions for Phishing Website Detection." Machine Learning and Knowledge Extraction 3, no. 3 (August 20, 2021): 672–94. http://dx.doi.org/10.3390/make3030034.

Full text
Abstract:
With the development of the Internet, network security has aroused people’s attention. It can be said that a secure network environment is a basis for the rapid and sound development of the Internet. Phishing is an essential class of cybercriminals which is a malicious act of tricking users into clicking on phishing links, stealing user information, and ultimately using user data to fake logging in with related accounts to steal funds. Network security is an iterative issue of attack and defense. The methods of phishing and the technology of phishing detection are constantly being updated. Traditional methods for identifying phishing links rely on blacklists and whitelists, but this cannot identify new phishing links. Therefore, we need to solve how to predict whether a newly emerging link is a phishing website and improve the accuracy of the prediction. With the maturity of machine learning technology, prediction has become a vital ability. This paper offers a state-of-the-art survey on methods for phishing website detection. It starts with the life cycle of phishing, introduces common anti-phishing methods, mainly focuses on the method of identifying phishing links, and has an in-depth understanding of machine learning-based solutions, including data collection, feature extraction, modeling, and evaluation performance. This paper provides a detailed comparison of various solutions for phishing website detection.
APA, Harvard, Vancouver, ISO, and other styles
39

Tambe Ebot, Alain. "Using stage theorizing to make anti-phishing recommendations more effective." Information & Computer Security 26, no. 4 (October 8, 2018): 401–19. http://dx.doi.org/10.1108/ics-06-2017-0040.

Full text
Abstract:
Purpose This paper aims to review the behavioral phishing literature to understand why anti-phishing recommendations are not very effective and to propose ways of making the recommendations more effective. The paper also examines how the concept of stages from health communication and psychology can be used to make recommendations against phishing more effective. Design/methodology/approach This literature review study focused on the behavioral phishing literature that has relied on human subjects. Studies were excluded for reasons that included lacking practical recommendations and human subjects. Findings The study finds that phishing research does not consider where victims are residing in qualitatively different stages. Consequently, the recommendations do not often match the specific needs of different victims. This study proposes a prototype for developing stage theories of phishing victims and identifies three stages of phishing victims from analyzing the previous phishing research. Research limitations/implications This study relied on published research on phishing victims. Future research can overcome this problem by interviewing phishing victims. Further, the authors’ recommendation that phishing researchers categorize phishing victims into stages and develop targeted messages is not based on direct empirical evidence. Nonetheless, evidence from cancer research and health psychology suggests that targeted messaging is efficacious and cost-effective. Thus, the impact of targeted messaging in phishing could be quite large. Practical implications The study recommends categorizing individuals into stages, based on their security knowledge and online behaviors, and other similar characteristics they may possess. A stage approach will consider that individuals who at one time clicked on a phishing link because they lacked the requisite security knowledge, after receiving security training, may click on a link because they are overconfident. Originality/value The paper explains why proposing anti-phishing recommendations, based on a “one-size fits all” approach has not been very effective (e.g. because it simplifies why people engage in different behaviors). The proposals introduce a new approach to designing and deploying anti-phishing recommendations based on the concept of stages.
APA, Harvard, Vancouver, ISO, and other styles
40

Tambe Ebot, Alain. "How stage theorizing can improve recommendations against phishing attacks." Information Technology & People 32, no. 4 (August 5, 2019): 828–57. http://dx.doi.org/10.1108/itp-12-2017-0434.

Full text
Abstract:
Purpose Phishing remains a major cybersecurity problem. Mainly adopting variance approaches, researchers have suggested several recommendations to help users avoid being victimized in phishing attacks. However, the evidence suggests that anti-phishing recommendations are not very effective. The purpose of this paper is threefold: first, to analyze why the existing anti-phishing recommendations may not be very effective; second, to propose stage theorizing as an additional approach for studying phishing that can contribute toward more effective recommendations; and third, to demonstrate using a stage theory, how IS researchers can utilize the concept of stages in phishing research. Design/methodology/approach The study draws on findings from previous empirical phishing research to assess whether the reasons why people are victimized in phishing attacks can be categorized into stages. The criteria for stages of the Transtheoretical Model (TTM) are used as an example. Findings Analysis indicates support for the existence of stages of phishing victims. The criteria for stages of the TTM were applied to the reasons that subjects in previous studies gave for clicking on phishing links and to the anti-phishing recommendations proposed in previous studies. There was overall support for four of the five criteria of the TTM. The results from the current study indicate that a targeted approach is a better approach to proposing anti-phishing recommendations. Practical implications The analysis identified the stages of phishing victims and the processes of change for each stage. It is suggested that recommendations against phishing should target individuals based on their resident stages. Moreover, the processes of change should be applied to the correct stage for the recommendations to be effective. Originality/value From a phishing perspective, there is a lack of research based on stage theorizing. The current study presents stage theorizing as an additional approach to the existing approaches and demonstrates how a stage theory can be used to make more effective recommendations against phishing. The study has thrown light on the benefits of stage theorizing and how its approach to targeted recommendations can be useful in IS security research.
APA, Harvard, Vancouver, ISO, and other styles
41

Baadel, Said, and Joan Lu. "Data Analytics: Intelligent Anti-Phishing Techniques Based on Machine Learning." Journal of Information & Knowledge Management 18, no. 01 (March 2019): 1950005. http://dx.doi.org/10.1142/s0219649219500059.

Full text
Abstract:
According to the international body Anti-Phishing Work Group (APWG), phishing activities have skyrocketed in the last few years and more online users are becoming susceptible to phishing attacks and scams. While many online users are vulnerable and naive to the phishing attacks, playing catch-up to the phishers’ evolving strategies is not an option. Machine Learning techniques play a significant role in developing effective anti-phishing models. This paper looks at phishing as a classification problem and outlines some of the recent intelligent machine learning techniques (associative classifications, dynamic self-structuring neural network, dynamic rule-induction, etc.) in the literature that is used as anti-phishing models. The purpose of this review is to serve researchers, organisations’ managers, computer security experts, lecturers, and students who are interested in understanding phishing and its corresponding intelligent solutions. This will equip individuals with knowledge and skills that may prevent phishing on a wider context within the community.
APA, Harvard, Vancouver, ISO, and other styles
42

O'Leary, Daniel E. "What Phishing E-mails Reveal: An Exploratory Analysis of Phishing Attempts Using Text Analysis." Journal of Information Systems 33, no. 3 (July 1, 2019): 285–307. http://dx.doi.org/10.2308/isys-52481.

Full text
Abstract:
ABSTRACT Accountants and auditing firms are frequent phishing targets because of the proximity to organizational resources. Since phishing typically is done using emails, text analysis is used to explore differences between phishing e gmails and other emails. By analyzing and comparing a database of phishing messages to a database of the Enron emails, we find that the phishing data is statistically significantly different across a large number of univariate text variable categories. Further, we generate a model of phishing as “power,” based on independent variables of friend (who they pretend to be), achievement (of their goal), (to take your) money, and (typically done at) work. These variables are used as a basis to estimate power in both the phishing and non-phishing messages, where we find differences on the signs of the independent variables. Finally, using text analysis, we examine the ability of neural network models to differentiate between phishing emails and Enron emails.
APA, Harvard, Vancouver, ISO, and other styles
43

Akinyelu, Andronicus A., and Aderemi O. Adewumi. "Classification of Phishing Email Using Random Forest Machine Learning Technique." Journal of Applied Mathematics 2014 (2014): 1–6. http://dx.doi.org/10.1155/2014/425731.

Full text
Abstract:
Phishing is one of the major challenges faced by the world of e-commerce today. Thanks to phishing attacks, billions of dollars have been lost by many companies and individuals. In 2012, an online report put the loss due to phishing attack at about $1.5 billion. This global impact of phishing attacks will continue to be on the increase and thus requires more efficient phishing detection techniques to curb the menace. This paper investigates and reports the use of random forest machine learning algorithm in classification of phishing attacks, with the major objective of developing an improved phishing email classifier with better prediction accuracy and fewer numbers of features. From a dataset consisting of 2000 phishing and ham emails, a set of prominent phishing email features (identified from the literature) were extracted and used by the machine learning algorithm with a resulting classification accuracy of 99.7% and low false negative (FN) and false positive (FP) rates.
APA, Harvard, Vancouver, ISO, and other styles
44

Harrison, Brynne, Elena Svetieva, and Arun Vishwanath. "Individual processing of phishing emails." Online Information Review 40, no. 2 (April 11, 2016): 265–81. http://dx.doi.org/10.1108/oir-04-2015-0106.

Full text
Abstract:
Purpose – The purpose of this paper is to explore user susceptibility to phishing by unpacking the mechanisms that may influence individual victimization. The focus is on the characteristics of the e-mail message, users’ knowledge and experience with phishing, and the manner in which these interact and influence how users cognitively process phishing e-mails. Design/methodology/approach – A field experiment was conducted where 194 subjects were exposed to a real phishing attack. The experimenters manipulated the contents of the message and measures of user traits and user processing were obtained after the phishing attack. Findings – Of the original list of targets, 47 percent divulged their private information to a bogus form page. Phishing susceptibility was predicted by a particular combination of both low attention to the e-mail elements and high elaboration of the phishing message. The presence of a threat or reward-based phishing message did not affect these processes, nor did it affect subsequent phishing susceptibility. Finally, individual factors such as knowledge and experience with e-mail increased resilience to the phishing attack. Research limitations/implications – The findings are generalizable to students who are a particularly vulnerable target of phishing attacks. Practical implications – The results presented in this study provide pragmatic recommendations for developing user-centered interventions to thwart phishing attacks. Lastly the authors suggest more effective educational efforts to protect individuals from such online fraud. Originality/value – This study provides novel insight into why phishing is successful, the human factor in susceptibility to online deception as well the role of information processing in effective decision making in this context. Based on the findings, the authors dispel common misconceptions about phishing and discuss more effective educational efforts to protect individuals from such online fraud.
APA, Harvard, Vancouver, ISO, and other styles
45

Aliyu, Mansur, Mukhtar U. Bagarawa, Abba N. Mu’azu, and Muhammad T. Umar. "Understanding phishing awareness among students in tertiary institutions and setting-up defensive mechanisms against the attackers." Caliphate Journal of Science and Technology 5, no. 1 (January 13, 2023): 22–31. http://dx.doi.org/10.4314/cajost.v5i1.4.

Full text
Abstract:
The average loss by companies to phishing in 2021 is $14.8 million, more than triple what it was in 2015. That translates to hundreds of billions of dollars in total losses from phishing attacks on global businesses, and the vulnerability of these attacks is every day increasing, particularly among the younger generation less than 40 years of age. This paper begins with a background exposition on phishing trends and highlights previous findings concerning users' susceptibility to phishing attacks. It however explores the term Phishing itself, its kinds, types and some basic measures necessary for defense against phishing activities. The research was employed with a major focus on the email aspect of phishing. Alongside the website aspect of phishing, the certificate of a website was also considered. The purpose of this study was to identify the level of student awareness related to specific phishing tactics. Findings revealed that while students are unlikely to provide personal information in response to an email/SMS request, they can be easily tricked by numerous other tactics. This paper reports the findings of the study in addition to listing suggested points to employ for creating phishing awareness.
APA, Harvard, Vancouver, ISO, and other styles
46

Lam, Nguyen Tung. "Developing a Framework for Detecting Phishing URLs using Machine Learning." International Journal of Emerging Technology and Advanced Engineering 11, no. 11 (November 13, 2021): 61–67. http://dx.doi.org/10.46338/ijetae1121_08.

Full text
Abstract:
The attack technique targeting end-users through phishing URLs is very dangerous nowadays. With this technique, attackers could steal user data or take control of the system, etc. Therefore, early detecting phishing URLs is essential. In this paper, we propose a method to detect phishing URLs based on supervised learning algorithms and abnormal behaviors from URLs. Finally, based on the research results, we build a framework for detecting phishing URLs through endusers. The novelty and advantage of our proposed method are that abnormal behaviors are extracted based on URLs which are monitored and collected directly from attack campaigns instead of using inefficient old datasets. Keywords— phishing URLs; detecting phishing URLs; abnormal behaviors of phishing URLs; Machine learning
APA, Harvard, Vancouver, ISO, and other styles
47

Sohidul Islam, Md, Md Sajjad, Mohammad Mahmudul Hasan, and Mohammad Sakib Islam Mazumder. "Phishing Attack Detecting System Using DNS and IP Filtering." Asian Journal of Computer Science and Technology 12, no. 1 (April 22, 2023): 16–20. http://dx.doi.org/10.51983/ajcst-2023.12.1.3552.

Full text
Abstract:
This study examines the different types of phishing attacks, which are a major threat to digital security. Phishing involves the use of fraudulent messages to deceive recipients, including email spoofing, spear phishing, phone phishing, clone phishing, pharming, HTTP phishing, man-in-the-middle attacks, and fast-flux phishing. Attackers can gather information about their targets from public sources such as social media networks, including work history, interests, and activities. The study developed a filtered website that detects fraudulent links based on the internet protocol (IP), register date, and domain name server (DNS) of each website. While further research is needed to improve the effectiveness of the site, this marks an important step towards enhancing digital security.
APA, Harvard, Vancouver, ISO, and other styles
48

Raju, Mr B. Ravi, S. Sai likhitha, N. Deepa, and S. Sushma. "Survey on Phishing Websites Detection using Machine Learning." International Journal for Research in Applied Science and Engineering Technology 10, no. 5 (May 31, 2022): 2376–81. http://dx.doi.org/10.22214/ijraset.2022.42843.

Full text
Abstract:
Abstract: Phishing is a widespread method of tricking unsuspecting people into disclosing personal information by using fake websites. Phishing website URLs are designed to steal personal information such as user names, passwords, and online banking activities. Phishers employ webpages that are visually and semantically identical to legitimate websites. As technology advances, phishing strategies have become more sophisticated, necessitating the use of anti-phishing measures to identify phishing. Machine learning is an effective method for combating phishing assaults. This study examines the features utilised in detection as well as machine learning-based detection approaches. Phishing is popular among attackers because it is easier to persuade someone to click on a malicious link that appears to be legitimate than it is to break through a computer's protection measures. The malicious links in the message body are made to look like they go to the faked organisation by utilising the spoofed organization's logos and other valid material. We'll go through the characteristics of phishing domains (also known as fraudulent domains), the qualities that distinguish them from real domains, why it's crucial to detect them, and how they can be discovered using machine learning and natural language processing techniques. Keywords: Phishing, personal information, machine learning, malicious links, and phishing domain characteristics are all terms that come up when people think of phishing
APA, Harvard, Vancouver, ISO, and other styles
49

Yang, Rundong, Kangfeng Zheng, Bin Wu, Chunhua Wu, and Xiujuan Wang. "Prediction of Phishing Susceptibility Based on a Combination of Static and Dynamic Features." Mathematical Problems in Engineering 2022 (May 10, 2022): 1–10. http://dx.doi.org/10.1155/2022/2884769.

Full text
Abstract:
Phishing is a very serious security problem that poses a huge threat to the average user. Research on phishing prevention is attracting increasing attention. The root cause of the threat of phishing is that phishing can still succeed even when anti-phishing tools are utilized, which is due to the inability of users to correctly identify phishing attacks. Current research on phishing focuses on examining the static characteristics of the phishing behavior phenomenon, which cannot truly predict a user’s susceptibility to phishing. In this paper, a user phishing susceptibility prediction model (DSM) that is based on a combination of dynamic and static features is proposed. The model investigates how the user’s static feature factors (experience, demographics, and knowledge) and dynamic feature factors (design changes and eye tracking) affect susceptibility. A hybrid Long Short-Term Memory (LSTM) and LightGBM prediction model is designed to predict user susceptibility. Finally, we evaluate the prediction performance of the DSM by conducting a questionnaire survey of 1150 volunteers and an eye-tracking experiment on 50 volunteers. According to the experimental results, the correct prediction rate of the DSM is higher than that for individual feature prediction, which reached 92.34%. These research experiments demonstrate the effectiveness of the DSM in predicting users’ susceptibility to phishing using a combination of static and dynamic features.
APA, Harvard, Vancouver, ISO, and other styles
50

Shubhankar, Shubhankar, Siddhartha Bhaumik, and Prakash Biswagar. "Detection and Classification of Malicious Websites." Journal of University of Shanghai for Science and Technology 23, no. 06 (June 1, 2021): 120–31. http://dx.doi.org/10.51201/jusst/21/05228.

Full text
Abstract:
Phishing is quite possibly the most appealing technique used by attackers in the point of taking the individual subtleties of unsuspected individuals. Phishing sites are essentially tricks that are used by data fraud hoodlums and fakes. They use spam, fake sites made to look like the first sites, email, and direct messages to trick somebody into sharing significant information, like passwords and secret information. New enemies of phishing techniques are coming out each day, yet attackers think of new ways by focusing on all the new enemies of phishing techniques. So there is an earnest requirement for new strategies for the expectation of phishing sites. The paper portrays the correlation models in the classification of phishing sites for expectation utilizing distinctive Machine learning models. Different models are used for predicting which model gives the best exactness in phishing site classification. All the information is classified as either Benign for substantial Websites or Phish as Phishing Websites. Results have generated that show RF gives the best performance on this dataset for the classification of phishing sites.
APA, Harvard, Vancouver, ISO, and other styles
You might also be interested in the bibliographies on the topic 'Phishing' for other source types:
Dissertations / Theses Books
We offer discounts on all premium plans for authors whose works are included in thematic literature selections. Contact us to get a unique promo code!

To the bibliography