Site Loader

 

Devanshi
Madhani ,Dikshita Patel           Student
Of Department Information    Technology ,
Shri Bhagubhai Mafatlal Polytechnic,India.

 

ABSTRACT

We Will Write a Custom Essay Specifically
For You For Only $13.90/page!


order now

Phishing is a malicious attempt to steal user’s personal
information such as credentials information, bank  account details, secured data unknowingly.
This  crucial security hack is done by phishers
who sends spoofed messages,emails which 
directs them to fake websites. The proportion of legitimate users
falling prey to this attack is increasing day by day,so the main focus of this
paper is to conceal users credentials while signing in as well as signing
up.The paper also demonstrates a client-server architecture which describes the
remedy towards different attacks.

 

Keywords

Phishing
,spoofing,phishers,mongers

IIntroduction:Phishing is a  scam in which the fraudster tries to grasp
information such as login credentials or account information by simulating as a
reputable entity or person in email, IM or other communication channels.

Fig1.1
Process of Phishing

Prior to email spoofing , social engineering attacks were
performed .In this engineering the malicious attackers used to send fake
messages over mobiles which became the pioneer of phishing. There are two types
of attacks active attack  and passive
attack . Phishing is a passive attack. There are two types of attackers:
mongers and posers. Mongers are ethical and powerful hackers, they are hard
core attackers .Posers   are unethical
hackers directed by mongers. The  user
speculates the website as an authenticated one 
and enters his/her personal information which leads to their breach of
personal data

 

 

.

Swapna
Naik                                         
Professor   In  Department 
Information   Technology , Shri  Bhagubhai Mafatlal Polytechnic,India.

 

The main objective 
in this section is to make users aware about the scams going in the
social media.

 

 

About
various types of anti-phishing techniques.SectionIVdiscusses about the
algorithms.Section V discusses the literature survey and  sectionVIIgives the drawbacks about the
referenced papers and also demonstrate our ideas  to overcome them .Finally section VIII
concludes our paper.

IITypes of phishing attacks:                                                                
This
section discusses about the various types of attacks which are incorporated by
the phishers to steal users personal data.

·       
Deceptive phishing:

The
common type of phishing scam, deceptive phishing refers to any attack by which phishers
try to impersonate alegitimate company and attempt to grab people’s personal
information or signup credentials. Those emails frequently use threats and a
sense of urgency to frighten users into doing the attackers’ tenders.

·       
Man in the middle:

In thisapproach ,theattacker is located between the
victim and the real website acting as the proxy server. By  doing so, he can listen to all communication
between them. In order to be successful, attcakers must be able to redirect
victims to their own proxy, instead of to the real server. There are several
methods, such as transparent proxies, DNS Cache Poisoning and Uniform Resource
Locator(URL)  befogation, among others.

·        
Malware phishing:

Malware based phishing is a
widespread collection of phishing techniques which include key loggers and
screen loggers hosts file poisoning web Trojan, system reconfiguration attacks
and pole phishing, session hijacking data theft malware based techniques tend
to install and run malicious software on the users machine.

·        
DNS phishing:

DNS based phishing relies on hosts
file modification.   In this type of
phishing, phishers change the hosts files or domain name system in such a way
that requests for URLs or name service returns afradulent address and
subsequent communications are unaware that the website where they are entered
the confidential information to the phisher.

These
are the basic four types of phishing.Manyother 
types of p          hishing attacks
exist that malfunctions the system and fraudsters use this techniques to
violate the legitimate users information.

Post Author: admin

x

Hi!
I'm Erica!

Would you like to get a custom essay? How about receiving a customized one?

Check it out