Similar literature
Found 20 similar documents; search took 46 ms
1.
Game based education is becoming more and more popular. This is because game based education provides an opportunity for learning in a natural environment. Phishing is an online identity theft, which attempts to steal sensitive information such as username, password, and online banking details from its victims. To prevent this, phishing awareness needs to be considered. This research aims to develop a game design framework, which enhances user avoidance behaviour through motivation to protect users from phishing attacks. In order to do this, a theoretical model derived from Technology Threat Avoidance Theory (TTAT) was developed and used in the game design framework (Liang & Xue, 2010). A survey study was undertaken with 150 regular computer users to elicit feedback through a questionnaire. The study findings revealed that perceived threat, safeguard effectiveness, safeguard cost, self-efficacy, perceived severity, and perceived susceptibility elements should be addressed in the game design framework for computer users to avoid phishing attacks. Furthermore, we argue that this game design framework can be used not only for preventing phishing attacks but also for preventing other malicious IT attacks such as viruses, malware, botnets and spyware.

2.
Phishing is an online identity theft, which aims to steal confidential information such as username, password and online banking details from its victims. To prevent this, anti-phishing education needs to be considered. Therefore, the research reported in this paper examines whether conceptual knowledge or procedural knowledge has a positive effect on computer users’ self-efficacy to thwart phishing threats. In order to accomplish this, a theoretical model based on Liang and Xue’s (2010) Technology Threat Avoidance Theory (TTAT) has been proposed and evaluated. Data was collected from 161 regular computer users to elicit their feedback through an online questionnaire. The study findings revealed that the interaction effect of conceptual and procedural knowledge positively impacts on computer users’ self-efficacy, which enhances their phishing threat avoidance behaviour. It can therefore be argued that well-designed end-user security education contributes to thwart phishing threats.

3.
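Phishing attacks have become one of the biggest security threats on the Internet, causing huge losses to financial institutions and ordinary consumers and seriously affecting the development of online banking and e-commerce. We analyze the security vulnerabilities present in current web browsers, discuss the problem of online user authentication, and propose a method for authenticating online users using a trusted computing platform. This method not only defeats many phishing attacks but can also guard against other online attacks.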

4.
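Phishing is a form of online identity theft. In recent years, phishing has become the dominant form of online identity theft. To prevent phishing, the most important thing is to enable users to tell genuine websites from fake ones. This paper proposes a technique that lets users effectively identify whether a website is genuine: when a user needs to verify a website's authenticity, the user first enters a private number, which is uploaded to the server; the server then returns a set of unique anti-phishing codes associated with that private number, and on seeing these codes the user knows whether the website is genuine or fake. Because the anti-phishing codes vary with the private number supplied by the user, they are hard for phishers to forge, and applying this method can effectively guard against phishing websites.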

5.
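Phishing mainly refers to a kind of fraud carried out over the Internet. With the widespread adoption of the Internet, phishing activity aimed at online identity theft is intensifying. This paper explains the basic concepts of phishing; gives a fairly comprehensive classification and summary of existing phishing attack methods; on that basis, classifies and studies the main current anti-phishing methods and analyzes the advantages and disadvantages of each; identifies development trends of phishing in three respects; and concludes that only by combining the various defensive methods well can the constantly changing phishing attacks be better countered.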

6.
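With the rapid development of Internet applications in China, the number of phishing incidents is also increasing rapidly, causing great economic losses to China's Internet users and enterprises and seriously hindering the healthy development of online finance and e-commerce applications. In the face of increasingly rampant phishing, relying solely on raising Internet users' awareness of active prevention is far from enough to avoid "phishing". Based on an analysis of phishing deception tricks and techniques for defeating them, the paper focuses on several recommendations for Internet application enterprises, to strengthen their...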

7.
8.
In the era of electronic and mobile commerce, massive numbers of financial transactions are conducted online on a daily basis, which created potential fraudulent opportunities. A common fraudulent activity that involves creating a replica of a trustful website to deceive users and illegally obtain their credentials is website phishing. Website phishing is a serious online fraud, costing banks, online users, governments, and other organisations severe financial damages. One conventional approach to combat phishing is to raise awareness and educate novice users on the different tactics utilised by phishers by conducting periodic training or workshops. However, this approach has been criticised for being not cost effective as phishing tactics are constantly changing besides it may require high operational cost. Another anti-phishing approach is to legislate or amend existing cyber security laws that persecute online fraudsters without minimising its severity. A more promising anti-phishing approach is to prevent phishing attacks using intelligent machine learning (ML) technology. Using this technology, a classification system is integrated in the browser in which it will detect phishing activities and communicate these with the end user. This paper reviews and critically analyses legal, training, educational and intelligent anti-phishing approaches. More importantly, ways to combat phishing by intelligent and conventional are highlighted, besides revealing these approaches' differences, similarities and positive and negative aspects from the user and performance perspective. Different stakeholders such as computer security experts, researchers in web security as well as business owners may likely benefit from this review on website phishing.

9.
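Phishing attacks (also called phishing), an emerging form of attack and fraud spread and carried out mainly over the Internet, are increasing year by year, causing property and economic losses to users and financial institutions. How to identify phishing-related Internet risks promptly and effectively, and to control the impact phishing attacks may bring, has become an urgent problem for financial institutions. Consequently, major banks, securities firms and security companies have launched their own anti-phishing monitoring services. Current anti-phishing technology generally uses crawlers to actively search the Internet at large scale for counterfeit sites, crawling large numbers of suspected phishing websites and checking each one to determine whether it is a phishing website. Faced with a massive number of suspicious websites, detecting suspected phishing websites efficiently and quickly becomes a further difficulty. This paper introduces a new approach to website logo detection based on image recognition technology, used to filter the massive number of suspected phishing websites and speed up phishing website detection.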

10.
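Deep detection system for phishing web pages based on ensemble learning   Cited by: 1 (self-citations: 0, citations by others: 1)
Phishing is a form of online fraud that uses phishing web pages to imitate legitimate pages and steal users' sensitive information for illegal purposes. This paper proposes a deep detection method for phishing web pages based on ensemble learning. It uses page rendering to counter common page-disguise techniques, extracts URL features, link features and page text features from the rendered page, uses ensemble learning to construct and train different base classifier models for the different feature types, and finally applies a classification ensemble strategy that combines the multiple base classifiers to produce the final result. Detection experiments on PhishTank phishing pages show that the proposed method achieves good accuracy and recall.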

11.
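Online attacks such as Internet fraud and phishing have become important network security problems. Building on a discussion of online user authentication, this paper proposes an online user authentication technique based on trusted computing technology. The technique can defeat certain phishing attacks and can resist other types of online attack.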

12.
Phishing attacks continue to pose serious risks for consumers and businesses as well as threatening global security and the economy. Therefore, developing countermeasures against such attacks is an important step towards defending critical infrastructures such as banking. Although different types of classification algorithms for filtering phishing have been proposed in the literature, the scale and sophistication of phishing attacks have continued to increase steadily. In this paper, we propose a new approach called multi-tier classification model for phishing email filtering. We also propose an innovative method for extracting the features of phishing email based on weighting of message content and message header and select the features according to priority ranking. We will also examine the impact of rescheduling the classifier algorithms in a multi-tier classification process to find out the optimum scheduling. A detailed empirical performance and analysis of the proposed algorithm is presented. The results of the experiments show that the proposed algorithm reduces the false positive problems substantially with lower complexity.

13.
Using various social-engineering techniques, criminals run havoc on the Internet and defraud many people in a number of different ways. This puts various organisational communities at risk. Therefore, it is important that people within such communities should learn how to protect themselves when active in cyberspace, or when dealing with cyber-related technologies. Training can indeed play a big role in this regard, and consequently, assist by altering the insecure behaviour of many people. The objective of this article is to ascertain whether simulating phishing attacks together with embedded training can contribute towards cultivating users’ resistance towards ‘phishing attacks’. In order to achieve this objective, a phishing exercise at an institution in South Africa was conducted.

14.
Security firms are reporting that IT departments must be careful of increased threats to corporate networks and data from phishing and malware attacks. There are 33 million unique phishing messages every week, according to Dave Cole, director of security product management at Symantec Security Response. He says this plus an increase in the distribution of malware designed to steal confidential information presents a challenge for IT. Phishing, according to the Anti-Phishing Working Group (APWG), an industry association devoted to eliminating phishing, is definable as attacks that "use both social engineering and technical subterfuge to steal consumers' personal identity data and financial account credentials." Corporations often find that they are victims of another type of phishing attack in which attackers use their good brand names and logos to trick people into responding to bogus solicitations. Although basic security approaches can protect against phishing and malware, Cole says it is also important to have "good Internet security hygiene" and multiple levels of protection for mail clients, servers, and client machines.

15.
Phishing websites become a critical cybersecurity threat affecting individuals and organizations. Phishing-website detection tools are designed to protect users against such sites. Nevertheless, detection tools face serious user trust and suboptimal performance issues which require trust calibration to align trust with the tool’s capabilities. We employ the theoretical framework of automation trust and reliance as a kernel theory to develop the trust calibration model for phishing-website detection tools. We test the model using a controlled lab experiment. The results of our analysis show that users’ trust in detection tools can be calibrated by trust calibrators. Moreover, users’ calibrated trust has significant consequences, including users’ tool reliance, use, and performance against phishing websites.

16.
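With the continuing development of the Internet, the threat that phishing poses to people's daily lives grows by the day. Phishing identification technology is the core security technology for countering phishing attacks and can help people effectively avoid the security threats they cause. The paper first starts from the basic concepts of phishing and analyzes in detail the state of research on phishing identification techniques, then summarizes the current application scenarios of phishing identification, and finally discusses possible future research directions.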

17.
Though hoaxing people to make financial benefits is an old idea, phishers have realized that social engineering tools for web attacks are relatively easy to execute and are highly profitable over the Internet. One of the threatening criminal activities is phishing, in which the phishers trap users into revealing their identities and financial information to a fraudulent website. Researchers have proposed a number of anti-phishing techniques based on blacklist, whitelist, and visual similarity, but the major disadvantage with such approaches is that they are slow techniques with high false positive rates. For robust detection of phishing attacks, this article uses fundamentals of heuristic factors and a whitelist. The article proposes a safeguard scheme referred as the five-tier barrier hybrid approach. Input to the five-tier barrier is a uniform resource locator (URL), and output of the application is a status of the page (“Secure Connection” representing a legitimate URL, “Phishing Alert” representing phishing URL, and “Query Page” representing that the webpage needs to be processed further/failure of JSoup connection). In comparison to a blacklist, the five-tier barrier is competent in detecting zero-hour phishing attacks, and it is much faster than visual similarity–based anti-phishing techniques.

18.

The development of digitization over the globe has made digital security inescapable. As every single article on this planet is being digitalized quickly, it is more important to protect those items. Numerous cyber threats effectively deceive ordinary individuals to take away their identifications. Phishing is a kind of social engineering attack where the hackers are using this kind of attack in modern days to steal the user's credentials. After a systematic research analysis of phishing technique and email scam, an intrusion detection system in chrome extension is developed. This technique is used to detect real-time phishing by examining the URL, domain, content and page attributes of an URL prevailing in an email and any web page portion. Considering the reliability, robustness and scalability of an efficient phishing detection system, we designed a lightweight and proactive rule-based incremental construction approach to detect any unknown phishing URLs. Due to the computational intelligence and nondependent of the blacklist signatures, this application can detect the zero-day and spear phishing attacks with a detection rate of 89.12% and 76.2%, respectively. The true positive values acquired in our method is 97.13% and it shows less than 1.5% of false positive values. Thus the application shows the precision level higher than the previous model developed and other phishing techniques. The overall results indicate that our framework outperforms the existing method in identifying phishing URLs.


19.
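With the development of Internet technology, the degree of financial informatization is increasing, and online banking, an efficient and fast financial service, has also developed rapidly. Because of the insecurity of the Internet, online banking is vulnerable to attack by criminals, which seriously threatens users' personal privacy and the safety of their funds. In recent years, security incidents targeting online banking have continued unabated. In response, this paper offers some recommendations on how commercial banks can effectively safeguard the information security of online banking.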

20.
Phishing is an instance of social engineering techniques used to deceive users into giving their sensitive information using an illegitimate website that looks and feels exactly like the target organization website. Most phishing detection approaches utilize Uniform Resource Locator (URL) blacklists or phishing website features combined with machine learning techniques to combat phishing. Despite the existing approaches that utilize URL blacklists, they cannot generalize well with new phishing attacks due to human weakness in verifying blacklists, while the existing feature-based methods suffer high false positive rates and insufficient phishing features. As a result, this leads to an inadequacy in the online transactions. To solve this problem robustly, the proposed study introduces new inputs (Legitimate site rules, User-behavior profile, PhishTank, User-specific sites, Pop-Ups from emails) which were not considered previously in a single protection platform. The idea is to utilize a Neuro-Fuzzy Scheme with 5 inputs to detect phishing sites with high accuracy in real-time. In this study, 2-Fold cross-validation is applied for training and testing the proposed model. A total of 288 features with 5 inputs were used and has so far achieved the best performance as compared to all previously reported results in the field.
