Phishing Attacks | Research Report
Evaluate threats to electronic assets, analyse legalities of computer forensics, assess cloud computing risks, investigate company security strategy, assess computer media for evidentiary purposes.
12 Pages2749 Words45 Views
Added on 2022-09-09
Phishing Attacks | Research Report
Evaluate threats to electronic assets, analyse legalities of computer forensics, assess cloud computing risks, investigate company security strategy, assess computer media for evidentiary purposes.
Added on 2022-09-09
ShareRelated Documents
Contents
Executive Summary.......................................................................................................... 2
Task 1........................................................................................................................... 2
Introduction.................................................................................................................... 2
Preventive approach......................................................................................................... 2
User Education............................................................................................................ 2
Network Level Protection............................................................................................... 3
Link-based Protection.................................................................................................... 3
Blocking of Phishing Websites......................................................................................... 4
Reactive Measures........................................................................................................... 4
Policy Oriented Measures.................................................................................................. 5
Email Policy................................................................................................................ 5
Security Awareness Training Policy.................................................................................. 6
Acceptable Use Policy................................................................................................... 6
Conclusion..................................................................................................................... 6
Task 2........................................................................................................................... 7
Recovering deleted files..................................................................................................... 7
Recovering passwords....................................................................................................... 9
References................................................................................................................... 11
1
Executive Summary.......................................................................................................... 2
Task 1........................................................................................................................... 2
Introduction.................................................................................................................... 2
Preventive approach......................................................................................................... 2
User Education............................................................................................................ 2
Network Level Protection............................................................................................... 3
Link-based Protection.................................................................................................... 3
Blocking of Phishing Websites......................................................................................... 4
Reactive Measures........................................................................................................... 4
Policy Oriented Measures.................................................................................................. 5
Email Policy................................................................................................................ 5
Security Awareness Training Policy.................................................................................. 6
Acceptable Use Policy................................................................................................... 6
Conclusion..................................................................................................................... 6
Task 2........................................................................................................................... 7
Recovering deleted files..................................................................................................... 7
Recovering passwords....................................................................................................... 9
References................................................................................................................... 11
1
Executive Summary
Phishing attacks are the security attacks that have become a common occurrence in the presence
times and have become a major cause of concern for the individual users and the business firms.
The attack has impacted a major section of the users in the cyber community and has caused
adverse implications as well. The business firms have lost millions of dollars due to these attacks
and there has been damage done in the brand value and reputation. The paper covers the brief on
the phishing attacks and provides the primary achievements and challenges associated with the
control measures that are present. The goal of the paper is to list out the updated techniques and
measures that can be used to deal with the issue of phishing attacks.
Task 1
Introduction
Phishing can be defined as a web-based criminal activity that makes use of the social engineering
techniques and deceits the users to obtain sensitive and personal information from them. Under
the social engineering techniques, the spoofing technique is often used to trick the users so that
they may share some of the extremely sensitive information, such as the financial details or
passwords to the attackers (Suganya, 2016). There are phishing toolkits that are also available
which can be used to create a phishing page in a very short timeframe. In order to deal with such
security risks and issues, there are numerous anti-phishing techniques that have been developed.
These techniques can be further classified as technical and non-technical approaches (Hong,
2012).
Preventive approach
User Education
There are many different preventive approaches, but perhaps most of them would be rendered
ineffective unless the user’s themselves are not educated. The user awareness and perception of
the phishing threats may lead to the avoidance of a number of security vulnerabilities (Patel,
2012). Following constitutes an effective user-training or awareness program and if applied, can
help mitigate phishing based attacks significantly:
2
Phishing attacks are the security attacks that have become a common occurrence in the presence
times and have become a major cause of concern for the individual users and the business firms.
The attack has impacted a major section of the users in the cyber community and has caused
adverse implications as well. The business firms have lost millions of dollars due to these attacks
and there has been damage done in the brand value and reputation. The paper covers the brief on
the phishing attacks and provides the primary achievements and challenges associated with the
control measures that are present. The goal of the paper is to list out the updated techniques and
measures that can be used to deal with the issue of phishing attacks.
Task 1
Introduction
Phishing can be defined as a web-based criminal activity that makes use of the social engineering
techniques and deceits the users to obtain sensitive and personal information from them. Under
the social engineering techniques, the spoofing technique is often used to trick the users so that
they may share some of the extremely sensitive information, such as the financial details or
passwords to the attackers (Suganya, 2016). There are phishing toolkits that are also available
which can be used to create a phishing page in a very short timeframe. In order to deal with such
security risks and issues, there are numerous anti-phishing techniques that have been developed.
These techniques can be further classified as technical and non-technical approaches (Hong,
2012).
Preventive approach
User Education
There are many different preventive approaches, but perhaps most of them would be rendered
ineffective unless the user’s themselves are not educated. The user awareness and perception of
the phishing threats may lead to the avoidance of a number of security vulnerabilities (Patel,
2012). Following constitutes an effective user-training or awareness program and if applied, can
help mitigate phishing based attacks significantly:
2
The employees shall be provided with the education and knowledge on the different
attack methods that are used and the various defense strategies that can be applied.
The employees shall be regularly updated about the latest modes of attacks that may be
used through the emails (Baiomy, Mostafa and Youssif, 2019).
The employees shall be provided knowledge on the differentiation between the legitimate
mails and the ones that may be suspicious.
The employees shall be having the understanding on the response and communication
techniques that shall be used when a phishing email is shared.
The links that are included in the mails have specific characteristics that may alert the
user on the non-authenticity of the link. The employees shall be aware of such
characteristics (May, 2013).
The employees shall know that the response to the suspicious emails shall not be
provided and the critical information must never be shared.
Network Level Protection
The utilization of the network security tools and the implementation of the network-level
protection provide the ability to restrict specific IP addresses to obtain the network access. The
access to such users and addresses is blocked and the chances of the phishing and other forms of
network security attacks may be brought down as a result. The communication from the entities
that are marked as spammers is blocked (Forte, 2009). This form of protection is also termed as
the blacklist filters. These filters can be further classified in two types as anti-spam and DNS-
based blacklist filters. The anti-spam filters are the ones that determine the origin of the mails
and prevent the access in case of the suspicious mail origin. In the DNS-based technique, the
blacklist is developed by the service providers and is updated at regular intervals to prevent the
unauthorized access. Authentication also plays a significant role in the network security and
protection. With proper authentication measures, the security at the user and the server level can
be enhanced (Naidu, 2016).
Link-based Protection
The most common technique that is used to give shape to the security attack is the embedding of
the link in the mails which is clicked upon by the users to redirect them to the fake web pages.
The URLs are incorporated in the phishing mails and the users are asked to share the personal
3
attack methods that are used and the various defense strategies that can be applied.
The employees shall be regularly updated about the latest modes of attacks that may be
used through the emails (Baiomy, Mostafa and Youssif, 2019).
The employees shall be provided knowledge on the differentiation between the legitimate
mails and the ones that may be suspicious.
The employees shall be having the understanding on the response and communication
techniques that shall be used when a phishing email is shared.
The links that are included in the mails have specific characteristics that may alert the
user on the non-authenticity of the link. The employees shall be aware of such
characteristics (May, 2013).
The employees shall know that the response to the suspicious emails shall not be
provided and the critical information must never be shared.
Network Level Protection
The utilization of the network security tools and the implementation of the network-level
protection provide the ability to restrict specific IP addresses to obtain the network access. The
access to such users and addresses is blocked and the chances of the phishing and other forms of
network security attacks may be brought down as a result. The communication from the entities
that are marked as spammers is blocked (Forte, 2009). This form of protection is also termed as
the blacklist filters. These filters can be further classified in two types as anti-spam and DNS-
based blacklist filters. The anti-spam filters are the ones that determine the origin of the mails
and prevent the access in case of the suspicious mail origin. In the DNS-based technique, the
blacklist is developed by the service providers and is updated at regular intervals to prevent the
unauthorized access. Authentication also plays a significant role in the network security and
protection. With proper authentication measures, the security at the user and the server level can
be enhanced (Naidu, 2016).
Link-based Protection
The most common technique that is used to give shape to the security attack is the embedding of
the link in the mails which is clicked upon by the users to redirect them to the fake web pages.
The URLs are incorporated in the phishing mails and the users are asked to share the personal
3
and sensitive information on the page. The phishing mails are extracted with the use of certain
features that are easy to identify (Christy, Merlin and D. C., 2019). The protection techniques
that can be used in this regard include link guard and the use of the support vector machines
(SVM).
Blocking of Phishing Websites
There is a very minute difference between the fake website and the original website in terms of
the look and design of the site. The pattern used in the URL is also very similar that may make it
difficult to spot the fake site. The phishers make sure that the difference is very minute so that it
may become difficult for the user to identify the same.
Blacklist and Whitelist
The use of these lists can be done to block the phishing website. The URLs included
under the blacklists shall be the ones that may have suspicious history or may have been
involved in any of the phishing attacks in the past. Whitelist, on the other hand, shall
include the list of the legitimate sites and sources. Google safe browsing API is the
service that provides the ability to verify a URL if it is blacklisted or not. The issue of
exact matching can be resolved using PhishNet (Ahmed and Naaz, 2019).
Heuristics-based blocking
Heuristics include the protocols and the rules that may have been determined on the basis
of the past results. The detection of the phishing attacks may be done using the heuristics-
based blocking and it has been found to be quite effective as well (Babu, 2016).
Visual Similarities
There are visual similarities that are usually focused upon by the attackers so that the
difference between the fake and the legitimate site is not easy to determine. There are
techniques and tools that have been developed to spot such visual differences. For
example, the visual similarity-based phishing detection can be used along with the use of
TrustBar (Fatima et al., 2019).
Reactive Measures
There are some of the reactive measures that may be followed towards the security.
4
features that are easy to identify (Christy, Merlin and D. C., 2019). The protection techniques
that can be used in this regard include link guard and the use of the support vector machines
(SVM).
Blocking of Phishing Websites
There is a very minute difference between the fake website and the original website in terms of
the look and design of the site. The pattern used in the URL is also very similar that may make it
difficult to spot the fake site. The phishers make sure that the difference is very minute so that it
may become difficult for the user to identify the same.
Blacklist and Whitelist
The use of these lists can be done to block the phishing website. The URLs included
under the blacklists shall be the ones that may have suspicious history or may have been
involved in any of the phishing attacks in the past. Whitelist, on the other hand, shall
include the list of the legitimate sites and sources. Google safe browsing API is the
service that provides the ability to verify a URL if it is blacklisted or not. The issue of
exact matching can be resolved using PhishNet (Ahmed and Naaz, 2019).
Heuristics-based blocking
Heuristics include the protocols and the rules that may have been determined on the basis
of the past results. The detection of the phishing attacks may be done using the heuristics-
based blocking and it has been found to be quite effective as well (Babu, 2016).
Visual Similarities
There are visual similarities that are usually focused upon by the attackers so that the
difference between the fake and the legitimate site is not easy to determine. There are
techniques and tools that have been developed to spot such visual differences. For
example, the visual similarity-based phishing detection can be used along with the use of
TrustBar (Fatima et al., 2019).
Reactive Measures
There are some of the reactive measures that may be followed towards the security.
4
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
Social Engineering Attacks: Phishing Attackslg...
|11
|653
|328
Hybrid Feature Selection for Phishing Email Detectionlg...
|6
|914
|387
Information Governance and Cyber Security: Risks and Mitigation Strategieslg...
|13
|3198
|416
Policies Regarding Spoof Mailslg...
|6
|776
|21
Awareness of Security Operation Awareness on Security Operation Name of the Student Name of the University Author's Note: Mahindra Banklg...
|18
|4611
|352
Social Media Security Threats and Practices for Secure Social Enterprise Networking Systemlg...
|4
|942
|274