PricingBlogAbout Us

Effective Cybersecurity: An In-Depth Analysis of Phishing Attacks

Verified

Added on  2022/09/18

|6
|1622
|39
Essay
AI Summary
This essay provides an in-depth analysis of phishing as a significant cybersecurity issue. It explores various types of phishing attacks, including deceptive phishing and spear phishing, and examines the criminological issues associated with online fraud. The essay critiques key security vulnerabilities related to data storage infrastructure and discusses threats to computer networks and physical infrastructure, such as ransomware and malware. Furthermore, it investigates essential practices and procedures for managing cybersecurity challenges, including avoiding clicking hyperlinks in emails, verifying HTTP on address bars, using antivirus and anti-spam software, and maintaining reliable firewalls and backup systems. The essay concludes by highlighting the importance of user awareness and technical proficiency in detecting and preventing phishing attacks, emphasizing the need for continuous adaptation to evolving criminal schemes. Desklib offers a wealth of similar resources for students.
Document Page
Running head: PHISHING AS EFFECTIVE CYBERSECURITY ISSUE
Phishing as effective cybersecurity issue
Name of the student:
Name of the university:
Author Note
tabler-icon-diamond-filled.svg

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
1PHISHING AS EFFECTIVE CYBERSECURITY ISSUE
Journal Article:
Alsharnouby, M., Alaca, F. and Chiasson, S., 2015. Why phishing still works: User strategies
for combating phishing attacks. International Journal of Human-Computer Studies, 82, pp.69-
82.
Introduction:
The phishing is a rising cybercrime, where the targets that can be contacted through emails,
text messages and telephones. This can happen from anyone who is found to pose as a legitimate
instituting for luring people in delivering sensitive information. This includes credit card and
banking details, passwords and personally identifiable information. In the following study, an
analysis of this cybercrime is done as per the above article. It intends to demonstrate the
comprehensive analysis of main crimes types along with different criminological issues. Next, the
primary security vulnerabilities can be made on the infrastructure of data storages. Further, a
comprehensive understanding of the threats to physical infrastructures and computer networks are
done. Ultimately a comprehensive assessment of the important practices and procedures related to
managing of cybersecurity challenges and various countermeasures are investigated here.
Article Critique:
Hereafter, the comprehensive understanding of the main crime types along with criminology
issues, are discussed from the above article. The primary kinds of crime include the deceptive
phishing and spear phishing. In the former case the attacker attempts gaining confidential data from
victims. Here, the attackers make use of the data for stealing money and launching other attacks. The
later one targets particular individuals rather than a broad group of individuals (Akerlof and Shiller
Document Page
2PHISHING AS EFFECTIVE CYBERSECURITY ISSUE
2015). Here, the attackers are found to make research on victims through social media and other
types of sites. This way, they can customize the communications and been appearing to be more
authentic (Alsharnouby, Alaca and Chiasson 2015).
Regarding criminological issues, the phishing is the activity of expansion of commerce over
the Internet. Here, face-to-face transactions have been needed for buying services and good. This is
useful to transfer the values and engage the transactions regulating various identity aspects. It gives
scopes to the criminals in committing various fraudulent tasks in various methods (Thomas et al.
2017). Firstly, there is the pretending of another person over the Internet and abusing the facility of
credit or debit card. Next, there is the retention of other person’s during transactions with person’s
financial provider or bank. Further, there is the assumption of the identity of other people and
utilizing the identity for incurring liabilities and debts in that name.
Moreover, the authors make a critique and evaluation of the key security vulnerabilities
related to data storage infrastructure. Firstly, the phishing of emails has been casing a broad net. It is
seen that tens of thousands have been going outside in indiscriminate way from the senders. This has
been remarkably looking like the bank and others. Spearphishing has been attacking the target
specific groups of users and users. For instance the employees can be considered here. Besides, this
has been appearing to be coming from anyone who is known already and trusted. This email
signature can be spoofed for that reason exactly (Cui et al. 2017).
Next, the article makes a comprehensive understanding of different threats to the computer
networks along with physical infrastructure. At first, the phishing threats towards employers can be
considered. Irrespective of the fact whether any staff is performing their online research and
banking, as they access any fake phishing site from their computer along with downloading
executable malware, the entire network can be affected (Wang, Li and Rao 2016). Next, there can be
Document Page
3PHISHING AS EFFECTIVE CYBERSECURITY ISSUE
hissing threats to the data. It is applicable as any employee reacts to phishing email. This is about the
bank account and account that needs login and password and personnel emails and social media
accounts. Next, there are spear-phishing threats. It is proved to be more successful because the
victims are particularly targeted by cybercriminal. Here, the attackers are able to seek personal
details of victims and developing convincing phishing emails appearing realistic due to the content.
Lastly, there is the ransomware. Its delivery though email is the most serious of every present threat
of hissing. This is the simplest type of malware for monetizing, and noticeable rise in the attacks has
been there on mobile phones. This can also occur in various cloud based applications that start with
external and internal users (Ho et al. 2019).
Further, a comprehensive investigation of primary procedures and practices related to
management is done from the above article. Firstly, the hyperlinks in emails are never to be clicked.
Next, one must never enter the sensitive data in a pop-up window. Moreover, the HTTP is to be
verified on the address bar. Proper education must be spread on the phishing attacks. Next, the
antivirus protection must be present. The criminals have been consistently altering their schemes.
Thus maintaining any suitable antivirus protection is invaluable in the first line of defense against
the attacks (Aleroud and Zhou 2017). Next, the anti-spam software can be used. This can filter out
many hissing emails that could end up in the inbox. Further, anti-spy software must be used. It can
lessen the existence of spyware. The reduction of the quantity of spyware ends up on the computer
notably lessening the risks of malicious attacks of phishing. Further, a reliable firewall must be
maintained and installed. Next, proper protection is to be provided against the DNS pharming
attacks. Ultimately, backup system copies can be used (Arachchilage, Love and Beznosov 2016).
tabler-icon-diamond-filled.svg

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
4PHISHING AS EFFECTIVE CYBERSECURITY ISSUE
Conclusion:
From the aforementioned article, it is seen that the authors have conducted a user study to
analyze whether the developed browser security indicators and the rise in awareness of phishing can
lead the user’s ability to secure against those attacks. The results obtained from the study in the
article has found just 53% of those phishing sites. This is to determine them and sending very short
time fetching the security indicators. This is as compared to the website content while making the
analysis. Nevertheless, the authors have found that the overall time of gaze on the elements of
browser chrome has been correlating to the rising ability to find the phishing. Furthermore, the
common technical proficient of the users has been never correlating to the developed scores of
detection. In this way one can capture the data and use that for further criminal activities. This is
same as the theft from any financial account and same kinds of criminal tasks. Here, any consumer
can be on guard against the kind of criminal activities.
Document Page
5PHISHING AS EFFECTIVE CYBERSECURITY ISSUE
Bibliography:
Akerlof, G.A. and Shiller, R.J., 2015. Phishing for phools: The economics of manipulation and
deception. Princeton University Press.
Aleroud, A. and Zhou, L., 2017. Phishing environments, techniques, and countermeasures: A survey.
Computers & Security, 68, pp.160-196.
Alsharnouby, M., Alaca, F. and Chiasson, S., 2015. Why phishing still works: User strategies for
combating phishing attacks. International Journal of Human-Computer Studies, 82, pp.69-82.
Arachchilage, N.A.G., Love, S. and Beznosov, K., 2016. Phishing threat avoidance behaviour: An
empirical investigation. Computers in Human Behavior, 60, pp.185-197.
Cui, Q., Jourdan, G.V., Bochmann, G.V., Couturier, R. and Onut, I.V., 2017, April. Tracking
phishing attacks over time. In Proceedings of the 26th International Conference on World Wide Web
(pp. 667-676). International World Wide Web Conferences Steering Committee.
Ho, G., Cidon, A., Gavish, L., Schweighauser, M., Paxson, V., Savage, S., Voelker, G.M. and
Wagner, D., 2019. Detecting and Characterizing Lateral Phishing at Scale. In 28th {USENIX}
Security Symposium ({USENIX} Security 19) (pp. 1273-1290).
Thomas, K., Li, F., Zand, A., Barrett, J., Ranieri, J., Invernizzi, L., Markov, Y., Comanescu, O.,
Eranti, V., Moscicki, A. and Margolis, D., 2017, October. Data breaches, phishing, or malware?:
Understanding the risks of stolen credentials. In Proceedings of the 2017 ACM SIGSAC conference
on computer and communications security (pp. 1421-1434). ACM.
Wang, J., Li, Y. and Rao, H.R., 2016. Overconfidence in phishing email detection. Journal of the
Association for Information Systems, 17(11), p.1.
chevron_up_icon
1 out of 6
circle_padding
hide_on_mobile
zoom_out_icon
logo.png

Your All-in-One AI-Powered Toolkit for Academic Success.

  +13062052269
info@desklib.com

Available 24*7 on WhatsApp / Email

[object Object]
Unlock your academic potential

© 2024   |   Zucol Services PVT LTD   |   All rights reserved.