Executive Summary Phishing attacks are the security attacks that have become a common occurrence in the presence times and have become a major cause of concern for the individual users and the business firms. The attack has impacted a major section of the users in the cyber community and has caused adverse implications as well. The business firms have lost millions of dollars due to these attacks and there has been damage done in the brand value and reputation. The paper covers the brief on the phishing attacks and provides the primary achievements and challenges associated with the control measures that are present. The goal of the paper is to list out the updated techniques and measures that can be used to deal with the issue of phishing attacks. Task 1 Introduction Phishing can be defined as a web-based criminal activity that makes use of the social engineering techniques and deceits the users to obtain sensitive and personal information from them. Under the social engineering techniques, the spoofing technique is often used to trick the users so that they may share some of the extremely sensitive information, such as the financial details or passwords to the attackers (Suganya, 2016). There are phishing toolkits that are also available which can be used to create a phishing page in a very short timeframe. In order to deal with such security risks and issues, there are numerous anti-phishing techniques that have been developed. These techniques can be further classified as technical and non-technical approaches (Hong, 2012). Preventive approach User Education There are many different preventive approaches, but perhaps most of them would be rendered ineffective unless the user’s themselves are not educated. The user awareness and perception of the phishing threats may lead to the avoidance of a number of security vulnerabilities (Patel, 2012). Following constitutes an effective user-training or awareness program and if applied, can help mitigate phishing based attacks significantly: 2
The employees shall be provided with the education and knowledge on the different attack methods that are used and the various defense strategies that can be applied. The employees shall be regularly updated about the latest modes of attacks that may be used through the emails (Baiomy, Mostafa and Youssif, 2019). The employees shall be provided knowledge on the differentiation between the legitimate mails and the ones that may be suspicious. The employees shall be having the understanding on the response and communication techniques that shall be used when a phishing email is shared. The links that are included in the mails have specific characteristics that may alert the useronthenon-authenticityofthelink.Theemployeesshallbeawareofsuch characteristics (May, 2013). The employees shall know that the response to the suspicious emails shall not be provided and the critical information must never be shared. Network Level Protection The utilization of the network security tools and the implementation of the network-level protection provide the ability to restrict specific IP addresses to obtain the network access. The access to such users and addresses is blocked and the chances of the phishing and other forms of network security attacks may be brought down as a result. The communication from the entities that are marked as spammers is blocked (Forte, 2009). This form of protection is also termed as the blacklist filters. These filters can be further classified in two types as anti-spam and DNS- based blacklist filters. The anti-spam filters are the ones that determine the origin of the mails and prevent the access in case of the suspicious mail origin. In the DNS-based technique, the blacklist is developed by the service providers and is updated at regular intervals to prevent the unauthorized access. Authentication also plays a significant role in the network security and protection. With proper authentication measures, the security at the user and the server level can be enhanced (Naidu, 2016). Link-based Protection The most common technique that is used to give shape to the security attack is the embedding of the link in the mails which is clicked upon by the users to redirect them to the fake web pages. The URLs are incorporated in the phishing mails and the users are asked to share the personal 3
and sensitive information on the page. The phishing mails are extracted with the use of certain features that are easy to identify (Christy, Merlin and D. C., 2019). The protection techniques that can be used in this regard include link guard and the use of the support vector machines (SVM). Blocking of Phishing Websites There is a very minute difference between the fake website and the original website in terms of the look and design of the site. The pattern used in the URL is also very similar that may make it difficult to spot the fake site. The phishers make sure that the difference is very minute so that it may become difficult for the user to identify the same. BlacklistandWhitelist The use of these lists can be done to block the phishing website. The URLs included under the blacklists shall be the ones that may have suspicious history or may have been involved in any of the phishing attacks in the past. Whitelist, on the other hand, shall include the list of the legitimate sites and sources. Google safe browsing API is the service that provides the ability to verify a URL if it is blacklisted or not. The issue of exact matching can be resolved using PhishNet (Ahmed and Naaz, 2019). Heuristics-basedblocking Heuristics include the protocols and the rules that may have been determined on the basis of the past results. The detection of the phishing attacks may be done using the heuristics- based blocking and it has been found to be quite effective as well (Babu, 2016). VisualSimilarities There are visual similarities that are usually focused upon by the attackers so that the difference between the fake and the legitimate site is not easy to determine. There are techniques and tools that have been developed to spot such visual differences. For example, the visual similarity-based phishing detection can be used along with the use of TrustBar (Fatima et al., 2019). Reactive Measures There are some of the reactive measures that may be followed towards the security. 4
Found this document preview useful?
You are reading a preview Upload your documents to download or Become a Desklib member to get accesss