Anti-phishing Strategies Research Articles

An Approach for Efficient and Accurate Phishing Website Prediction Using Improved ML Classifier Performance for Feature Selection

The article discusses the use of machine learning (ML) to combat phishing websites, which are deceptive sites that mimic trusted entities to steal sensitive information. This is why the continued invention of methods of identifying and counteracting phishing threats is beneficial. Such attacks pose significant risks to the integrity of online security. To enhance the success rate and specificity of predicting phishing websites, this study proposes a new approach that utilizes machine learning algorithms. To enhance the methods mentioned above and achieve better results in classification and better prediction of customer behaviour, the main points exposed to further transformations are increasing classifier accuracy and selecting an optimal feature space. Traditional anti-phishing strategies like blacklisting and heuristic searches often have slow detection times and high false positive rates. The article introduces a novel feature selection method to extract highly correlated features from datasets, thereby enhancing classifier accuracy. Using six feature selection techniques on a phishing dataset, it evaluates eight classifiers, including SVM, Logistic Regression, Random Forest, and others. The study finds that the Random Forest classifier combined with the Chi-2 feature selection method significantly improves model accuracy, achieving up to 96.99%.

Hybrid optimization enabled squeeze net for phishing attack detection

Nowadays, phishing attacks are considered as one of the most common cyber-attacks which generally harm the security of various internet and communication systems. The phishing websites are produced with the intention of determining the user's financial information by creating cyber threats. The loss of valuable user assets occurs due to the frequent creation and circulation of fake websites all over the internet. The negative impacts of phishing websites include financial loss, loss of intellectual property, reputational harm, and interruption of daily operations. To identify and lessen these attempts, several anti-phishing strategies have been put forth during the past ten years. However, they are still inaccurate and inefficient. To overcome this problem, intelligent approaches, like Deep Learning (DL) is used, which can accurately learn the inherent characteristics of the websites and identify phishing websites. In this paper, the phishing websites are determined effectively using the Fractional Dingo Hunter Prey Optimization-SqueezeNet (FDHPO-SqueezeNet) technique. The different features, like web features, ocular features, and Natural Language Processing (NLP) features are extracted separately from the website data. Later, the optimal features are selected, fused, and augmented, and allowed for the detection of phishing websites using SqueezeNet. Finally, the phishing detection is performed using SqueezeNet, where the detection performance of the SqueezeNet is increased by training using the FDHPO technique. The investigation results revealed that the designed FDHPO-SqueezeNet technique recorded greater performance when compared with other prevailing phishing detection approaches with a maximal of 93.05 % accuracy, 94.26 % sensitivity, and 93.75 % specificity, respectively.

Phishing: A Way of Attacking the Privacy

The Internet provides a fantastic platform for ordinary people to communicate. Criminal minds have figured out a means to steal personal information without having to meet the person and with the least danger of getting detected. It’s known as phishing. Phishing is a significant threat to the ecommerce sector. Customers’ trust in ecommerce is shattered, and electronic service providers suffer significant financial losses as a result. As a result, understanding phishing is critical. This document educates readers on phishing assaults and anti-phishing the recipient, the auction site will have a good yield. Anti-phishing strategies and online security rules have been recommended by both academia and industry practitioners in order to protect customers’ interests. Some commercial anti-spam and anti-phishing products block email from ”blacklisted” sites that they claim deliver spam and phishing emails, but allow email from software. Because of the obvious usability issues ”whitelisted” sites that they claim are known not to send it. This strategy appears to be anticompetitive because it unfairly discriminates against smaller and lesser-known sites.

Modeling Hybrid Feature-Based Phishing Websites Detection Using Machine Learning Techniques

In this paper, we mainly present a machine learning based approach to detect real-time phishing websites by taking into account URL and hyperlink based hybrid features to achieve high accuracy without relying on any third-party systems. In phishing, the attackers typically try to deceive internet users by masking a webpage as an official genuine webpage to steal sensitive information such as usernames, passwords, social security numbers, credit card information, etc. Anti-phishing solutions like blacklist or whitelist, heuristic, and visual similarity based methods cannot detect zero-hour phishing attacks or brand-new websites. Moreover, earlier approaches are complex and unsuitable for real-time environments due to the dependency on third-party sources, such as a search engine. Hence, detecting recently developed phishing websites in a real-time environment is a great challenge in the domain of cybersecurity. To overcome these problems, this paper proposes a hybrid feature based anti-phishing strategy that extracts features from URL and hyperlink information of client-side only. We also develop a new dataset for the purpose of conducting experiments using popular machine learning classification techniques. Our experimental result shows that the proposed phishing detection approach is more effective having higher detection accuracy of 99.17% with the XG Boost technique than traditional approaches.

Research on Anti-phishing Strategy of Smart Phone

Phishing is a fraudulent method of online identity forgery. With the development of mobile Internet and the popularity of smart phones, many phishing methods and forms for smart phones appears. Mobile phone phishing has the characteristics, such as strong allure, chaotic information, clear target, short attack time and dynamic conversion of attack sources. It steals users’ privacy information and even endangers users’ fund security by creating fake networks, fake base station SMS phishing, sending phishing emails, malicious code attacks, malicious WiFi phishing attacks, etc. Some specific measures against mobile phone phishing are put forword in this paper, such as installing and updating mobile phone security software, using various anti-spam technologies, paying attention to personal information disclosure of social platforms, carefully linking WiFi, and preventing mobile payment traps.

Testing the waters

Are your users the weakest link in your anti-phishing strategies? Try Gophish and find out.

Anti-Phishing Strategy Model for Detection of Phishing Website in E-Banking

Anti-Phishing Strategy Model for Detection of Phishing Website in E-Banking

Enhancing Predictive Analytics for Anti-Phishing by Exploiting Website Genre Information

Phishing websites continue to successfully exploit user vulnerabilities in household and enterprise settings. Existing anti-phishing tools lack the accuracy and generalizability needed to protect Internet users and organizations from the myriad of attacks encountered daily. Consequently, users often disregard these tools’ warnings. In this study, using a design science approach, we propose a novel method for detecting phishing websites. By adopting a genre theoretic perspective, the proposed genre tree kernel method utilizes fraud cues that are associated with differences in purpose between legitimate and phishing websites, manifested through genre composition and design structure, resulting in enhanced anti-phishing capabilities. To evaluate the genre tree kernel method, a series of experiments were conducted on a testbed encompassing thousands of legitimate and phishing websites. The results revealed that the proposed method provided significantly better detection capabilities than state-of-the-art anti-phishing methods. An additional experiment demonstrated the effectiveness of the genre tree kernel technique in user settings; users utilizing the method were able to better identify and avoid phishing websites, and were consequently less likely to transact with them. Given the extensive monetary and social ramifications associated with phishing, the results have important implications for future anti-phishing strategies. More broadly, the results underscore the importance of considering intention/purpose as a critical dimension for automated credibility assessment: focusing not only on the “what” but rather on operationalizing the “why” into salient detection cues.

Organizations Respond to Phishing: Exploring the Public Relations Tackle Box

Relationship management theory focuses on processes of shared goals and favorable outcomes for organizations and their publics. Relationship management theory also provides theoretical justification for research exploring the threat phishing poses to upend the shared goal between organizations and their publics to secure online financial and personal information. Phishing refers to the fraudulent and increasingly authentic looking e-mail attempts aimed to lure unsuspecting recipients into sharing information such as credit card, checking account, and social security numbers. Internet security recommendations were used to develop and assess compliance with 24 strategies aimed to help organizations and publics protect online information. Results show surprisingly low adherence of many recommended anti-phishing strategies. Efforts to protect organization-public relationships are discussed, as are future research projects to explore phishing effects and anti-phishing advocacy.

An antiphishing strategy based on visual similarity assessment

The authors' proposed antiphishing strategy uses visual characteristics to identify potential phishing sites and measure suspicious pages similarity to actual sites registered with the system. The first of two sequential processes in the SiteWatcher system runs on local email servers and monitors emails for keywords and suspicious URLs. The second process then compares the potential phishing pages against actual pages and assesses visual similarities between them in terms of key regions, page layouts, and overall styles. The approach is designed to be part of an enterprise antiphishing solution.