Professional Documents
Culture Documents
Abstract — One of the most cutting-edge and potent hazards the resulting information found online to the highest
on the Internet is phishing. The phrase describes attacks when bidder.
the target is made to assume they are visiting a real website when
they are actually only viewing a replica of one. The most
common way to hack or steal passwords is through phishing.
This is accomplished by showing the bogus login page, also
known as the faked page. This study identifies the various types
of phishing attacks, the various approaches for phishing 1
detection, as well as the problems that arise when these threats
cannot be stopped. Emphasis has also been placed on the
necessity of developing a new type of structured framework for
evaluating the prevention mechanism for this fraudulent Target
Hacker
process.
3
Keywords: Phishing, Tab nabbing, UR, Phish Guard, Phish 4 2
Net, Spoof Guard, net craft, Detection
I. INTRODUCTION
Phishing is one technique used by phishing scammers to
trick unwary consumers into divulging their personal
information. A phishing website is a false website that has a
similar layout but goes to a different location. Criminals are
tricking computer users into disclosing private data, which
include passwords, bank account information, social security
numbers, and more. Users who are not suspicious post their
information believing that these websites are affiliated with Original Website Phishing Website
reputable financial organizations. These phishing websites
Note:
can only be quickly recognized by experts. However, not all
web users are experts in computer engineering; as a result, Attacker sends phishing mail to target.
they fall prey to phishing scams when they divulge their Victim clicks on fishing link & visits fake website.
personal information. [1] Hacker collects important credentials.
Hacker uses victim’s credential to access private
x Phase 1 - A malevolent hacker impersonating a trusted information.
source sends the target an email or message. The target
is frequently prompted to click on a third-party link in Fig. 1. How phishing attack takes place.
order to do a security check or a straightforward
feature upgrade.
II. OBJECTIVE
x Phase 2 - The victim clicks on the malicious link in the The purpose of this paper is to study and analyze various
email, believing it to be from the sender—a bank or problems in phishing attacks. To provide benefit to the user so
business—and is taken to a fake website that is made that a systematic and more strong approach can be used to
to look as real as possible. maintain and prevent users from email scams. This paper
x Phase 3 - The user is prompted to provide certain seeks to conduct a thorough literature study for the
confidential information on the false website, such as examination of various preventative measures. This paper will
login credentials for a particular website. The hacker evaluate these capabilities' trends over the previous two years
who created the website and malicious email receives and go over the countermeasures that are now in use.
all the information when it is entered. Additionally, put your attention on locating and assembling
the preventative measures and developing a framework for
assessing these models.
337
Authorized licensed use limited to: AMITY University. Downloaded on September 08,2023 at 08:53:20 UTC from IEEE Xplore. Restrictions apply.
2023 3rd International Conference on Advance Computing and Innovative Technologies in Engineering (ICACITE)
extension tools to restrict the IP address of the SMTP server, V. LIFE CYCLE OF PHISHING ATTACK
a domain, or even the sender's entire email domain. Due to the
possibility of forging the source address, this technique is not
impenetrable. With the volume of emails constantly growing,
it is becoming very difficult to counter phishing by email.
338
Authorized licensed use limited to: AMITY University. Downloaded on September 08,2023 at 08:53:20 UTC from IEEE Xplore. Restrictions apply.
2023 3rd International Conference on Advance Computing and Innovative Technologies in Engineering (ICACITE)
detection and prevention mechanisms as well as how existing network.In: 2020 international conference on computation, automation
and knowledge management (ICCAKM), Dubai, United Arab
mechanisms might be enhanced in order to develop better Emirates, 2020, pp
preventative strategies. 1417.:https://doi.org/10.1109/ICCAKM46823.2020.9051480.
[7] Egele, Manuel, et al. "PoX: Protecting users from malicious Facebook
applications." Computer Communications 35.12 (2012): 1507-1515.
REFERENCES [8] Mian SM, Kumar R (2019) Review on intend adaptive algorithms for
[1] Suri, Rableen Kaur, Deepak Singh Tomar, and Divya Rishi Sahu. "An time critical applications in underwater weless sensor auditory and
approach to perceive tabnabbing attack."International Journal of multipath networ. In: 2019 international conference on automation,
Scientific and Technology Research 1.6 (2012): 90-94. computational and technology management (ICACTM), London, UK,
[2] Aburrous, Maher, et al. "Experimental case studies for investigating e- pp.469–472
banking phishing techniques and attack strategies." Cognitive (2019). https://doi.org/10.1109/ICACTM.2019.8776782
Computation 2.3 (2010): 242-253. [9] Jakobsson, Markus, and Sid Stamm. "Web camouflage: Protecting
[3] Alsayed, A., and A. Bilgrami. "E-banking security: Internet hacking, your clients from browser-sniffing attacks." IEEE security & Privacy
phishing attacks, analysis and prevention of fraudulent activities." Int. 5.6 (2007): 16-24.
J. Of Emerg. Techn. and Adv. Activ 7.1 (2017): 109-115. [10] Mian, Syed Mohtashim and Kumar, Rajeev, Security Analysis and
[4] Mohtashim Mian, S., Kumar, R. (2023). Deep Learning for Issues in Underwater Wireless Sensor Auditory and Multipath Network
Performance Enhancement Robust Underwater Acoustic (October 31, 2019). The International Journal of Analytical and
Communication Network. In: Maurya, S., Peddoju, S.K., Ahmad, B., Experimental Modal Analysis, Volume XI, Issue X, October/2019,
Chihi, I. (eds) Cyber Technologies and Emerging Sciences. Lecture Available at SSRN: https://ssrn.com/abstract=3896925
Notes in Networks and Systems, vol 467. Springer, Singapore. [11] Etaher, Najla, George RS Weir, and Mamoun Alazab. "From zeus to
https://doi.org/10.1007/978-981-19-2538-2_24 zitmo: Trends in banking malware." 2015 IEEE
[5] Nagunwa, Thomas. "Behind identity theft and fraud in cyberspace: the Trustcom/BigDataSE/ISPA. Vol. 1. IEEE, 2015
current landscape of phishing vectors." International Journal of Cyber-
Security and Digital Forensics (IJCSDF) 3.1 (2014): 72-83.
[6] Mohtashim Mian S, Kumar R (2020) Reduced time application (RTA)
in distributed underwater wireless sensor in multipath routing
339
Authorized licensed use limited to: AMITY University. Downloaded on September 08,2023 at 08:53:20 UTC from IEEE Xplore. Restrictions apply.