Problem Description
Phishing is a form of fraud in which the attacker masquerades as a reputable entity or person in email or another communication channel. The attacker uses phishing emails to distribute attachments and malicious links that can perform a variety of functions, including extracting the user's login details or account details. Phishing is a popular cybercrime because it is very easy to trick someone into clicking a malicious link in a seemingly legitimate email. After this, the attackers try to break through the defences of the computer.
The main aim of this report is to examine phishing and how it works. The focus is on the nature of the problem and the defensive measures that can be applied against it. Because phishing is a tool of cyber criminals, defending against it and keeping users safe from it is of high importance.
Phishing relies mainly on the attacker impersonating someone else. It exploits human-level relationships and reputation with a target in order to uncover information. There is a debate over whether phishing is a social science problem, because the attacker uses social tools to exploit victims. The counter-argument is that it requires technical knowledge of the system used by the victim: the attacker must avoid the security measures and make the message look credible enough to gain the user's attention. To classify the attack vectors, the problem can therefore be defined from both a social engineering and a technical perspective.
- The lure is most commonly an email message that appears to come from a legitimate organization, for example a bank or internet service provider. The message usually contains links leading to the hook, which is hidden by obfuscating the URL.
- The hook is a website that mimics the site of the legitimate institution and through which the phisher aims to obtain the victim's confidential information.
- The catch refers to making use of the information collected in the process.
A phishing attack typically involves a few basic technical tricks, which are used to make the message more convincing to the user. Some of them are:
- Use of trademarks, images and logos associated with an organization. The phisher wants the user to feel that the message comes from an authentic person or organization.
- In some cases the email itself advises the user not to click on email links. This makes the message look more authentic, and the user then clicks on the embedded link.
- URL encoding and hiding.
- The user is more likely to click if the message appears to originate from someone the user knows.
- Spear phishing: One of the most troubling developments is spear phishing. This refers to email targeted at particular groups and users rather than spam sent to random users. Spear phishing is generally preceded by the attacker researching the setting and the potential victim. The attacker then sends a message that appears to come from a legitimate source. Spear phishing is also directed at corporate executives and government officials; this type of attack is also known as "whaling".
- Clone phishing: In clone phishing, a previously delivered legitimate email is used as the template for a cloned malicious email. The malicious email contains a link that redirects to the phisher's website. Such links are mostly obfuscated either by substituting similar-looking characters, such as zero (0) for the capital letter O, or by using Unicode UTF-8 characters encoded as escape sequences.
- Malware-based phishing: This is an attack that results in malicious software being installed and run on the user's computer. Generally, the malware is introduced into the system by means of a download link. In a phishing attack, the malware generally includes screen grabbers, key loggers and spyware whose main goal is to capture and log the keyboard input on the victim's computer.
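The link obfuscation described above (look-alike characters, escape-encoded hosts, a hidden hook URL) can be checked for mechanically on the receiving side. The following is an added example, not part of the original report; the `PROTECTED` domain list, the `CONFUSABLES` table and the function names are assumptions made for illustration.

```python
from urllib.parse import urlsplit, unquote

# Constructed list of domains to protect; replace with your organisation's own.
PROTECTED = {"paypal.com", "example-bank.com"}

# Small look-alike table (assumption, not exhaustive): digit -> letter it imitates.
CONFUSABLES = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})


def skeleton(host):
    """Fold look-alike characters so 'paypa1.com' and 'paypal.com' compare equal."""
    return host.lower().translate(CONFUSABLES)


def host_of(url):
    """Return (raw authority, decoded lowercase hostname) for a URL or bare domain."""
    if "://" not in url:
        url = "http://" + url
    parts = urlsplit(url)
    return parts.netloc, unquote(parts.hostname or "")


def check_link(href, visible_text=""):
    """Return the list of obfuscation findings for one link taken from an email."""
    findings = []
    netloc, host = host_of(href)
    if "%" in netloc:  # escape sequences used to disguise the host
        findings.append("percent-encoded host")
    if "@" in netloc:  # text before '@' is userinfo, not the destination
        findings.append("userinfo before host")
    if not host.isascii() or any(l.startswith("xn--") for l in host.split(".")):
        findings.append("non-ASCII or punycode host")
    if host not in PROTECTED and skeleton(host) in {skeleton(p) for p in PROTECTED}:
        findings.append("look-alike of protected domain")
    shown = visible_text.strip()
    if "." in shown and " " not in shown:  # heuristic: link text looks like a URL
        shown_host = host_of(shown)[1]
        if shown_host and shown_host != host:
            findings.append("visible text shows a different host")
    return findings
```

A mail gateway or reporting tool would call `check_link` once per anchor extracted from the message body and quarantine or annotate messages with any finding.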
It is believed that the problem of phishing has to be tackled with a heuristic approach. This approach may include technical enhancement, user education and process engineering.
- Technical enhancement: Various anti-spam software products are available on the market that claim a high success rate at filtering spam messages. In reality, such software succeeds in filtering crude fraud such as "Nigerian prince" scams but yields to the more carefully crafted phish. Filters and firewalls might be effective in controlling fraudulent communication from a fixed source, which can be handled by blocking the source and maintaining a blacklist, but the modern phishing environment is much more complicated.
- User education: User training and education are essential, taking into account the user's skills and ability to use any electronic communication channel. A phishing attack is at its most effective during the first few hours of the attack. Since phishing attacks normally target multiple users, in either the same location or different locations, sharing knowledge of the attack and how it is carried out should be part of the program.
- Process engineering: Business processes can be fine-tuned using the knowledge learnt about the attack. They should be engineered so that appropriate checks and balances and informed user judgment are kept in place.
There is no silver bullet for the problem of phishing. The countermeasures can be grouped into client-side tools, server-side protection and other players.
- Client-side tools
  - Password management: Users usually select passwords that are very easy to retrieve. They should be encouraged to use a different password for each site and to manage them with a password protection system. If the login credential for a single site is captured, this limits the damage.
  - Electronic communication filtering: Filtering of the content exchanged on the corporate network should be adopted. Encryption of the data should be mandatory practice to ensure security.
- Server-side protection
  - Authentication procedures: The scheme of single server authentication needs to be replaced with either factor authentication or two-factor authentication. The decision on which to adopt depends on which is cost-effective. There are risks associated with intrusive security procedures, which may alienate users. These procedures should be revised and renewed frequently to keep pace with anti-security research and industry developments.
- Other players
In recent times there has been a large increase in the number of security researchers. Organizations are strongly advised to keep pace with the community and report incidents. This well-informed community plays a vital role in the prevention and detection of suspicious activity. Once a phishing attack is exposed, the affected company or organization should contact its customers and stakeholders and inform them about the fraud.
Conclusion:
In conclusion, phishing attacks play a significant role in network security. An attack can directly affect an individual or an organization. Phishing can never be eradicated, but preventive measures can decrease the overall effect of an attack. User education remains one of the most important factors in conveying the necessary security knowledge. The organizations that provide the basic services also have a role to play.