CHAPTER ONE: INTRODUCTION

1.1 Background to the study

1.2 Statement of the problem
1.3 Aims and objectives
1.4 Significance of the study
1.5 Scope of the study
1.6 Limitation of the study
1.7 Definition of terms
1.8 List of abbreviations

IMPROVING CYBER SECURITY THROUGH PHISHING DETECTION

INTRODUCTION

1.1 Background to the Study

The need to secure our data, devices, networks and other personal information in this age where cyber
attacks are rampant cannot be overemphasized.

Cyber security is the practice of defending computers, servers, mobile devices, electronic systems,
networks, and data from malicious attacks. It is a technique used to protect against cyber attacks, data
breaches, intrusion and preventing unauthorized access into our digital walls. It is a way of protecting or
keeping systems that are connected through the internet such as hardware, software and data from
cyber threats.

Phishing, according to the Oxford dictionary, is the practice of sending emails purporting to be from
reputable companies in order to induce individuals to reveal personal information, such as passwords
and credit card numbers. It is a way criminals (hackers or attackers) get sensitive information from users
by interacting with them, and making them supply little data that seems harmless but which are deadly.
Victims are tricked into disclosing information they know should be kept private. However, because they
trust the source of the information request and believe that party is acting with the best intentions, they
tend to give their response without thinking twice about it.

Vayansky, Kumar(2018) said , phishing is a major threat to all Internet users and is difficult to trace or
defend against since it does not present itself as obviously malicious in nature. In today's society,
everything is put online and the safety of personal credentials is at risk. Phishing can be seen as one of
the oldest and easiest ways of stealing information from people and it is used for obtaining a wide range
of personal details. It also has a fairly simple approach – send an email, email sends victim to a site, site
steals information.

It is a method of social engineering. Very often, phishing is done by electronic mail. This mail appears to
come from a bank or other service provider, and since many ignorant users of the internet forgets that
they are not supposed to trust anyone with their secrets online, they end up being deceived and
scammed. Phishing can be done using quite a lot of methods and approaches which when well framed,
deceives even the wise and brings them to their knees. Some of the forms of phishing are phishing
emails, spear phishing, link manipulation, fake websites, CEO fraud, content injection, session hijacking,
malware, evil-twin Wi-Fi, mobile phishing, voice phishing, man-in-the-middle, etc.

1.2 Statement of the problem

The increase in number of users, devices and programs in the modern enterprise, combined with the
increase in data, much of which is sensitive or confidential, the importance of cyber security continues
to grow. The growing volume and sophistication of cyber attackers and their attack techniques
compound the problem even further. Also, the fact that not everyone is aware of the lurking dangers
attached to the use of these modern trends and not everyone can recognize and avoid being a victim,
hence the need to explore, sensitize and prevent potential users of the modern mobility from being
victimized through phishing.
1.3 Aim and Objectives

1. To review the forms, implications and consequences of phishing, and its examples.

2. To sensitize on how to detect phishing and avoid being a victim.

3. To make recommendations on software and websites that help in the detection of phishing, testing
and protecting against it.

1.4 Significance of the Study

This study will be of benefit to all categories of people, organizations, schools, etc. It will expose
everyone to the danger involved in careless and unguarded entrusting of information on the internet. It
helps in making sure organization's data is safe from attacks from both internal and external bad actors,
from unauthorized access or damage, to ensure confidentiality, data integrity, and availability.

1.5 Scope of the Study

This study was prompted by a concern that even though the presence of hackers and cyber attackers
has been made evident many decades back, some modern internet users and mobile devices owners
still seem oblivious of the fact that they are vulnerable to attacks from them.

The target audiences of this research are internet users both learned and unlearned because ignorance
has no respect for literacy or illiteracy.

The scope covers only individual users of the internet excluding companies and organizations, because
of the limitations of time and finances.

1.6 Limitations of the Study

Audience: This work is restricted to users, so the results might not be applicable to organizations
because organizations and companies have a wider vulnerability level.
Time: There is a limited time for the completion of the project. As a student combining both academics
and part time jobs to make end meets, time will be a constraint to the completion of the project within a
fixed time.

Finances: Raising money to gather information, visit the respondent sites and transportation might also
be an issue.

Respondents’ Reactions: Even though, some might be aware of the dangers, they might not
condescend to learn new things they don’t know.

REFERENCESSSSSSSSSSS

Ike Vayansky Dr Sathish AP Kumar Computer Fraud & Security

Volume 2018, Issue 1, January 2018, Pages 15-20
https://doi.org/10.1016/S1361-3723(18)30007-1