共查询到19条相似文献,搜索用时 140 毫秒
1.
2.
网络钓鱼主要是指利用互联网进行的一种欺诈行为。随着互联网应用的广泛普及,针对在线身份窃取的网络钓鱼活动日益加剧。本文对网络钓鱼的特点、手段等问题进行了分析,并对其相应的防范对策作了一些探讨 相似文献
3.
一、网络钓鱼 "网络钓鱼"(英文名Phishing)一词非常形象地描绘出实施攻击的方式,即黑客利用欺骗性的电子邮件、伪造的网站(网络骗子多会选择伪造网上银行、知名电子商务网站及其它在线交易系统)来进行网络诈骗活动,以骗取目标用户的信用卡号等私人财务信息.有道是"姜太公钓鱼,愿者上钩",那些未能及时分辨出网站真伪的网友,就会中了圈套,进而蒙受或多或少的经济损失.更令人防不胜防的是,目前采用最新技术的"网络钓鱼"攻击方式,最终能够使访问者浏览到指定的合法网站.例如,在一条即时通讯工具的消息或一封电子邮件中,包含有指向钓鱼式网站的链接,该网站能够记录当前访问用户的ID和密码,而后再将用户引导到真正的目标网站. 相似文献
4.
“网络钓鱼”(英文名Phishing)一词非常形象地描绘出实施攻击的方式,即黑客利用欺骗性的电子邮件、伪造的网站(网络骗子多会选择伪造网上银行、知名电子商务网站及其它在线交易系统)来进行网络诈骗活动.以骗取目标用户的信用卡号等私人财务信息。有道是“姜太公钓鱼,愿者上钩”,那些未能及时分辨出网站真伪的网友.就会中了圈套,进而蒙受或多或少的经济损失。更令人防不胜防的是。目前采用最新技术的“网络钓鱼”攻击方式.最终能够使访问者浏览到指定的合法网站。例如,在一条即时通讯工具的消息或一封电子邮件中.包含有指向钓鱼式网站的链接.该网站能够记录当前访问用户的ID和密码.而后再将用户引导到真正的目标网站。 相似文献
5.
6.
7.
随着网络用户的日益增加,网上支付已逐渐成为被广为接受的便捷的支付方式。但在日益激增的网上交易量背后,突显出的安全问题成为网上支付急需解决的问题。除了防窃取外,身份认证同样是网上支付急待解决的问题。线下交易,由于其现场支付的特性,在身份认证方面有着天然的优势。但对在线支付,身份认证却是一份异常艰难的工作。手机已成为识别用户身份的标识。在三网合一的背景下,其提供的网络通讯功能也为在线识别提供了认证通道。越来越多的支付场景,使用短信认证,回拨功能完成交易期间的身份认证功能。 相似文献
8.
《数字社区&智能家居》2006,(13)
“网络钓鱼”(英文名Phi s hi ng)一词非常形象地描绘出了其实施攻击的方式,即黑客利用欺骗性的电子邮件、伪造的网站(网络骗子多会选择伪造网上银行、知名电子商务网站及其它在线交易系统)来进行网络诈骗活动,以骗取目标用户的信用卡号等私人财务信息。有道是“姜太公钓鱼,愿者上钩”,那些未能及时分辨出网站真伪的网友,就会中了圈套,进而蒙受或多或少的经济损失。网络钓鱼 相似文献
9.
《网络安全技术与应用》2006,(10):15
最近一段时间,很多用户都收到了一封貌似来自国家工商银行的邮件,如果用户点击了邮件正文中的超级链接,就会打开一个冒充中国工商银行的页面,由于仿冒得很像,用户往往认为自己进入了中国工商银行的真正网站,其实用户所造访的不过是一个假冒网站而已。图1便是曾经坑害过很多网银用户的钓鱼网站。图1假中国工商银行网站而真正的中国工商银行网站如图2所示。图2真中国工商银行网站假冒的工行页面几乎可以以假乱真,用户很难通过页面来分别真伪。如果用户在钓鱼网站上输入个人信息,不法分子便会利用电子邮件自动发送到事先设定好的邮箱,窃取用户… 相似文献
10.
网络钓鱼主要是指利用互联网进行的一种欺诈行为。随着互联网的广泛普及,针对在线身份窃取的网络钓鱼活动日益加剧。阐述了网络钓鱼的基本概念;对现有的网络钓鱼的攻击方式进行了较为全面的分类总结,在此基础上对目前主要的反钓鱼方法进行了分类研究,并对各种方法的优缺点进行了相应的分析;提出网络钓鱼在三个方面的发展趋势,并得出结论:只有将各种防御方法很好地结合起来才能更好地应对手段不断翻新的网络钓鱼攻击。 相似文献
11.
在线身份窃取攻击 总被引:7,自引:0,他引:7
杜跃进 《网络安全技术与应用》2005,(8):7-9
通过网络仿冒进行金融欺诈活动是当前的安全热点问题之一,越来越引起人们的重视。本文介绍了网络仿冒等在线身份窃取类攻击的有关情况和技术特点,并介绍了应对此类攻击的一些问题。 相似文献
12.
Phishing is an online identity theft, which aims to steal confidential information such as username, password and online banking details from its victims. To prevent this, anti-phishing education needs to be considered. Therefore, the research reported in this paper examines whether conceptual knowledge or procedural knowledge has a positive effect on computer users’ self-efficacy to thwart phishing threats. In order to accomplish this, a theoretical model based on Liang and Xue’s (2010) Technology Threat Avoidance Theory (TTAT) has been proposed and evaluated. Data was collected from 161 regular computer users to elicit their feedback through an online questionnaire. The study findings revealed that the interaction effect of conceptual and procedural knowledge positively impacts on computer users’ self-efficacy, which enhances their phishing threat avoidance behaviour. It can therefore be argued that well-designed end-user security education contributes to thwart phishing threats. 相似文献
13.
Phishing is an online identity theft that aims to steal sensitive information such as username, password and online banking details from its victims. Phishing education needs to be considered as a means to combat this threat. This paper reports on a design and development of a mobile game prototype as an educational tool helping computer users to protect themselves against phishing attacks. The elements of a game design framework for avoiding phishing attacks were used to address the game design issues. Our mobile game design aimed to enhance the users' avoidance behaviour through motivation to protect themselves against phishing threats. A think-aloud study was conducted, along with a pre- and post-test, to assess the game design framework though the developed mobile game prototype. The study results showed a significant improvement of participants' phishing avoidance behaviour in their post-test assessment. Furthermore, the study findings suggest that participants' threat perception, safeguard effectiveness, self-efficacy, perceived severity and perceived susceptibility elements positively impact threat avoidance behaviour, whereas safeguard cost had a negative impact on it. 相似文献
14.
Abstract This article outlines some thirty ways that fraudsters commonly commit identity theft and exploit stolen identities, with a little more information specifically on phishing using actual phishing e-mails to illustrate the techniques. 相似文献
15.
16.
Game based education is becoming more and more popular. This is because game based education provides an opportunity for learning in a natural environment. Phishing is an online identity theft, which attempts to steal sensitive information such as username, password, and online banking details from its victims. To prevent this, phishing awareness needs to be considered. This research aims to develop a game design framework, which enhances user avoidance behaviour through motivation to protect users from phishing attacks. In order to do this, a theoretical model derived from Technology Thread Avoidance Theory (TTAT) was developed and used in the game design framework (Liang & Xue, 2010). A survey study was undertaken with 150 regular computer users to elicit feedback through a questionnaire. The study findings revealed that perceived threat, safeguard effectiveness, safeguard cost, self-efficacy, perceived severity, and perceived susceptibility elements should be addressed in the game design framework for computer users to avoid phishing attacks. Furthermore, we argue that this game design framework can be used not only for preventing phishing attacks but also for preventing other malicious IT attacks such as viruses, malware, botnets and spyware. 相似文献
17.
Fujun LaiAuthor Vitae Dahui LiAuthor Vitae Chang-Tseh HsiehAuthor Vitae 《Decision Support Systems》2012,52(2):353-363
The proliferation of the online business transaction has led to a large number of incidents of identity theft, which have incurred expensive costs to consumers and e-commerce industries. Fighting identity theft is important for both online business and consumers. Although the practical significance of fighting identity theft has been of great interest, empirical studies on identity theft are very limited. Drawing upon coping behavior theories, this study examines two types of coping behaviors to fight identity theft (i.e., conventional coping and technological coping). Following structural equation modeling approach, we test the model using data collected from 117 subjects through a survey. The results reveal that both conventional coping and technological coping are effective to defend against identity theft. Technological coping is determined by an individual's conventional coping, self-efficacy, perceived effectiveness of coping, and social influence. This study presents a timely empirical study on identity theft, and provides valuable insights for consumers, government agencies, and e-commerce industries. 相似文献
18.
Felix Musau Guojun Wang Muhammad Bashir Abdullahi 《Peer-to-Peer Networking and Applications》2014,7(4):295-310
The simplicity with which products and prices are compared in e-commerce has introduced an attractive option for many online merchants. The completion of online business transactions with personal information provisioning has always been an act that beckons hesitation. Most online traders are highly conscious of various threats and attacks such as credit card fraud, identity theft, spoofing, hacking, phishing, and other abuses, leading to low trust in online business transactions. Online transactions take place among Peer-to-Peer (P2P) systems at the edge of the Internet. Peer communities are often established dynamically with peers that are unrelated and unknown to each other. In our proposed mechanism, peers form groups in order to ensure trust and security. Each group is established based on interest among peers. In this paper, we show how peers form groups, and select group leaders. A peer can belong to more than one group. Comparing with some existing work, our work reveals that peers can have common neighbors which have a similarity based on their interest. Our simulation results show that the model can deal with the malicious attacks efficiently by comparison with existing models. 相似文献
19.
Internet has become an essential component of our everyday social and financial activities. Nevertheless, internet users may be vulnerable to different types of web threats, which may cause financial damages, identity theft, loss of private information, brand reputation damage and loss of customer’s confidence in e-commerce and online banking. Phishing is considered as a form of web threats that is defined as the art of impersonating a website of an honest enterprise aiming to obtain confidential information such as usernames, passwords and social security number. So far, there is no single solution that can capture every phishing attack. In this article, we proposed an intelligent model for predicting phishing attacks based on artificial neural network particularly self-structuring neural networks. Phishing is a continuous problem where features significant in determining the type of web pages are constantly changing. Thus, we need to constantly improve the network structure in order to cope with these changes. Our model solves this problem by automating the process of structuring the network and shows high acceptance for noisy data, fault tolerance and high prediction accuracy. Several experiments were conducted in our research, and the number of epochs differs in each experiment. From the results, we find that all produced structures have high generalization ability. 相似文献