Title: An overview of phishing attacks and their detection techniques
Authors: Mehdi Dadkhah; Mohammad Davarpanah Jazi; Majid Saidi Mobarakeh; Shahaboddin Shamshirband; Xiaojun Wang; Sachin Raste
Addresses: Department of Computer and Information Technology, Foulad Institute of Technology, Fouladshahr, Isfahan 8491663763, Iran ' Department of Computer and Information Technology, Foulad Institute of Technology, Foulad Shahr, Isfahan 8491663763, Iran ' Department of Computer, Mobarakeh Branch, Islamic Azad University, Mobarakeh, Iran ' Department of Computer System and Information Technology, Faculty of Computer Science and Information Technology, University of Malaya, 50603 Kuala Lumpur, Malaysia ' School of Electronic Engineering, Dublin City University, Ireland ' eScan Company, India
Abstract: With rapid spread of the internet and cyber space, it has gained numerous applications and has been used as a powerful tool for social collaborations, communications and trades. The internet has superior performance to the traditional ways, as well as many useful features. This has been a reason for its growing usage in online trade and emergence of electronic commerce (e-commerce). Security is an essential requirement in electronic interactions. In this context, phishing attacks are among the most important challenges e-commerce is faced with. On the other hand, it is one of the mostly used methods for password stealing. In phishing attacks, the attacker redirects the victim to their fake web pages in order to steal their sensitive information such as passwords. Numerous methods have been devised to defeat such attacks. Web pages, e-mails and URLs used for phishing attacks have some features which can be used to identify fake pages. In this article, we try to introduce different types of phishing attacks and possible detection techniques for them, then discuss about advantages and disadvantages of each technique. Finally, we state that which anti phishing techniques can be used for detection of each phishing types.
Keywords: phishing attacks; anti-phishing; social engineering; malware; attack detection; network security.
DOI: 10.1504/IJIPT.2016.081319
International Journal of Internet Protocol Technology, 2016 Vol.9 No.4, pp.187 - 195
Received: 12 Oct 2015
Accepted: 28 Jul 2016
Published online: 04 Jan 2017 *