PHISHING - full report

In the field of computer security, Phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details, by masquerading as a trustworthy entity in an electronic communication. Phishing is a fraudulent e-mail that attempts to get you to divulge personal data that can then be used for illegitimate purposes.

There are many variations on this scheme. It is possible to Phish for other information in addition to usernames and passwords, such as credit card numbers, bank account numbers, social security numbers and mothers’ maiden names. Phishing presents direct risks through the use of stolen credentials and indirect risk to institutions that conduct business online through erosion of customer confidence. The damage caused by Phishing ranges from denial of access to e-mail to substantial financial loss.

This report is also concerned with anti-Phishing techniques. There are several different techniques to combat Phishing, including legislation and technology created specifically to protect against Phishing. No single technology will completely stop Phishing. However, a combination of good organization and practice, proper application of current technologies and improvements in security technology has the potential to drastically reduce the prevalence of Phishing and the losses suffered from it. Anti-Phishing software and computer programs are designed to prevent the occurrence of Phishing and trespassing on confidential information. Anti-Phishing software is designed to track websites and monitor activity; any suspicious behavior can be automatically reported and even reviewed as a report after a period of time. This also includes detecting Phishing attacks, how to prevent and avoid being scammed, how to react when you suspect or uncover a Phishing attack and what you can do to help stop Phishers.
  1. A deceptive message is sent from the Phisher to the user.
  2. A user provides confidential information to a Phishing server (normally after some interaction with the server).
  3. The Phisher obtains the confidential information from the server.
  4. The confidential information is used to impersonate the user.
  5. The Phisher obtains illicit monetary gain.
Steps 3 and 5 are of interest primarily to law enforcement personnel to identify and prosecute Phishers. The discussion of technology countermeasures will center on ways to disrupt steps 1, 2 and 4, as well as related technologies outside the information flow proper.

CONCLUSION
No single technology will completely stop phishing. However, a combination of good organization and practice, proper application of current technologies, and improvements in security technology has the potential to drastically reduce the prevalence of phishing and the losses suffered from it. In particular:
High-value targets should follow best practices and stay current as those practices evolve.
Phishing attacks can be detected rapidly through a combination of customer reportage, bounce monitoring, image use monitoring, honeypots and other techniques.
Email authentication technologies such as Sender-ID and cryptographic signing, when widely deployed, have the potential to prevent phishing emails from reaching users.
Analysis of imagery is a promising area of future research to identify phishing emails.
Personally identifiable information should be included in all email communications. Systems allowing the user to enter or select customized text and/or imagery are particularly promising.
Browser security upgrades, such as distinctive display of potentially deceptive content and providing a warning when a potentially unsafe link is selected, could substantially reduce the efficacy of phishing attacks.
Information sharing between the components involved in a phishing attack – spam filters, email clients and browsers – could improve identification of phishing messages and sites, and restrict risky behavior with suspicious content.
Anti-phishing toolbars are promising tools for identifying phishing sites and heightening security when a potential phishing site is detected.
Detection of outgoing confidential information, including password hashing, is a promising area of future work, with some technical challenges.
An OS-level trusted path for secure data entry and transmission has the potential to dramatically reduce leakage of confidential data to unauthorized parties.
Two-factor authentication is highly effective against phishing, and is recommended in situations in which a small number of users are involved with a high-value target. Device identifier based two-factor authentication offers the potential for cost savings.
Cross-site scripting is a major vulnerability. All user content should be filtered using a let-in filter. Browser security enhancements could decrease the likelihood of cross-site scripting attacks.
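The point above on detecting outgoing confidential information through password hashing can be sketched as follows (an added example, not code from the original report). It assumes a client-side component that stores only a salted PBKDF2 hash of each password together with the host it belongs to, and flags any form submission that would carry that password to a different host; the class name, work factor and sample hosts are constructed for illustration.

```python
import hashlib
import hmac
import os
from urllib.parse import urlsplit

PBKDF2_ROUNDS = 100_000  # assumed work factor for this sketch


class OutgoingSecretMonitor:
    """Remembers a salted hash of each password and the host it belongs to."""

    def __init__(self):
        self._records = []  # list of (host, salt, digest)

    @staticmethod
    def _digest(secret, salt):
        return hashlib.pbkdf2_hmac("sha256", secret.encode(), salt, PBKDF2_ROUNDS)

    def remember(self, login_url, password):
        # Only the salted hash is stored, never the password itself.
        salt = os.urandom(16)
        host = urlsplit(login_url).hostname
        self._records.append((host, salt, self._digest(password, salt)))

    def check_submission(self, action_url, fields):
        """Return (field_name, owning_host) for every field that would send
        a remembered password to a host other than the one it belongs to."""
        target = urlsplit(action_url).hostname
        alerts = []
        for name, value in fields.items():
            for host, salt, digest in self._records:
                if host != target and hmac.compare_digest(
                        self._digest(value, salt), digest):
                    alerts.append((name, host))
        return alerts


if __name__ == "__main__":
    monitor = OutgoingSecretMonitor()
    monitor.remember("https://bank.example/login", "correct horse 42")
    # Constructed look-alike form target; a non-empty result means "warn the user".
    print(monitor.check_submission(
        "http://bank.example.account-verify.test/login",
        {"username": "alice", "password": "correct horse 42"}))
```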

2 comments:

  1. I want full report and ppt of plasma display

  2. http://seminarprojects.blogspot.com/2011/09/plasma-display-full-report.html . here it is
