Advertisement

Phishing e-mail is an increasing menace

  • Ajay U. SurwadeEmail author
Original Research
  • 9 Downloads

Abstract

The usage and importance of e-mails has been continuously growing despite the availability of alternative means, such as electronic messages, mobile applications, and social networks. Majority of peoples are using e-mail as communication mechanism. The e-mail users are receiving unwanted e-mails, these unwanted e-mails are called as spam e-mails. Some spam e-mail contains phishing attacks which are called phishing e-mails. The phishing e-mails are asking users to give out their secret information which includes passwords, PIN, debit or credit card number, CVV or other important information which enables phishers to reach to the bank accounts of these users. The main objective of this paper is to identify the research gap after carrying out literature survey of Anti-phishing techniques and to propose an architecture for classifying the phishing e-mails to block the phishing e-mails which can be tested in test bed environment.

Keywords

Phishing e-mail Origin based filter Content based filter 

Notes

Acknowledgements

The proposed research work is funded by the Science and Engineering Research Board (SERB) a statutory body of the Department of Science and Technology (DST), New Delhi, Government of India. [File No. EEQ/2017/000198].

References

  1. 1.
    First quarter report of APWG phishing activity trends report 1st–3rd quarters 2015, January–September 2015, Published in December 23, 2015Google Scholar
  2. 2.
    Forth quarter report of APWG phishing activity trends report 4th quarter 2015 October–December 2015 Published on March 22, 2016Google Scholar
  3. 3.
    First quarter report of APWG phishing activity trends report, 1st quarter 2016 January–March 2016 Published on May 23, 2016. http://www.apwg.org
  4. 4.
    Second quarter report of APWG phishing activity trends report, 2nd quarter, 2016 (April–June 2016) Published on October 3, 2016Google Scholar
  5. 5.
    Forth quarter report of APWG phishing activity trends report, 4rd quarter, 2016 (October–December 2016) Published on February 23, 2017Google Scholar
  6. 6.
    First quarter report of APWG phishing activity trends report, 1st half, 2017 (January–June 2017) Published on October 17, 2017Google Scholar
  7. 7.
    First quarter report of APWG phishing activity trends report, 1st quarter report 2018 (January–March 2018) Published on July 31, 2018Google Scholar
  8. 8.
  9. 9.
  10. 10.
    Ken D (2004) Phishing isn’t so sophisticated: scary!. Taylor Francis J Inf Syst Secur 13(2):2–7. ISSN: 1065-898X (Print) 1934-869X (Online)  https://doi.org/10.1201/1086/44312.13.2.20040501/81646.1 CrossRefGoogle Scholar
  11. 11.
    Ian F, Norman S, Anthony T (2006) Learning to detect phishing e-mails. Technical Report of Carnegie Mellon Cyber Laboratory CMU-CyLab-06-012Google Scholar
  12. 12.
    Security Privacy Applied SPAR Technical Report (2006) A framework for detection and measurement of phishing attacks. Technical Report SPAR-JHU:SD-NP-MC-AR:251206, Johns Hopkins UniversityGoogle Scholar
  13. 13.
    Zhang Y, Egelman S, Cranor L, Hong J (2006) Phinding phish: evaluating anti-phishing tools. Hum Comput Interact Inst pp. 76. http://repository.cmu.edu/hcii/76
  14. 14.
    Kruck GP, Kruck SE (2006) Spoofing—a look at an evolving threat. J Comput Inf Syst 47(1):95–100.  https://doi.org/10.1080/08874417.2006.11645943 CrossRefGoogle Scholar
  15. 15.
    Sebastian G, Ahmad-Reza S (2007) A forensic framework for tracing phishers. In: The Proceedings of the Third IFIP WG 9.2, 9.6/11.6, 11.7/FIDIS.  https://doi.org/10.1007/978-0-387-79026-8_2 Print ISBN 978-1-4419-4629-4 Online ISBN 978-0-387-79026-8CrossRefGoogle Scholar
  16. 16.
    Yue Z, Jason H, Lorrie C (2007) CANTINA: a content-based approach to detecting phishing web sites. In: Proceedings of International World Wide Web Conference (WWW- 2007), May 8–12, 2007, ACM 978-1-59593-654-7/07/0005Google Scholar
  17. 17.
    Xun D, Clark JA, Jacob JL (2008) User behavior based phishing websites detection. In: Proceedings of International Multi-conference on computer science and information technology, 2008 (IMCSIT 2008) held on 20–22 Oct 2008, Print ISBN: 978-83-60810-14-9  https://doi.org/10.1109/imcsit.2008.4747332
  18. 18.
    Steve S, Brad W, Gary W, Lorrie F, Cranor JH (2009) An empirical analysis of phishing blacklists. In the Proceedings of Proceedings of Sixth Conference on e mail and anti-spam (CEAS). July 16–17, 2009, Mountain View, California USAGoogle Scholar
  19. 19.
    Kuan-Ta C, Jau-Yuan C, Chun-Rong H (2009) Fighting phishing with discriminative key point features. IEEE Internet Comput 13(3):1089–7801.  https://doi.org/10.1109/mic.2009.59 CrossRefGoogle Scholar
  20. 20.
    Moura GCM, Pras A (2009) Scalable detection and isolation of phishing. In: The Proceedings of Third International Conference on autonomous infrastructure, management and security (AIMS-2009), June 30–July 2, 2009Google Scholar
  21. 21.
    Basnet RB, Sung AH (2010) Classifying phishing e-mails using confidence-weighted linear classifiers. In: The Proceedings of International Conference on information security and artificial intelligence-2010 (ISAI 2010)Google Scholar
  22. 22.
    Aburrous MR, Hossain MA, Dahal KP, Thabatah F (2010) Experimental case studies for investigating e-banking phishing techniques and attack strategies. J Cognit Comput 2(3):242–253.  https://doi.org/10.1007/s12559-010-9042-7 CrossRefGoogle Scholar
  23. 23.
    Liu G (2011) Phishing detection with computational techniques and human effort. Dissertation City University of Hong KongGoogle Scholar
  24. 24.
    Mounica C, Benson Edwin Raj S (2011) A new architecture to perform phishing via trojan horse. Int J Comput Appl Special Issue on computational science—new dimensions & perspectives (NCCSE, 2011)Google Scholar
  25. 25.
    Almomani A, Wan TC, Manasrah A, Altaher A, Al-Saedi K, Alnajjar A, Ramadass S (2012) A survey of learning based techniques of phishing e-mail filtering. Int J Digit Content Technol Its Appl (JDCTA) 6(18)Google Scholar
  26. 26.
    Feresa Mohd Foozy C, Ahmad R, Faizal Abdollah M (2013) Phishing detection taxonomy for mobile device. Int J Comput Sci Issues (IJCSI), 10(1):3, January-2013, ISSN (Print): 1694-0784 | ISSN (Online): 1694-0814Google Scholar
  27. 27.
    Rader MA, Rahman SM (2013) Exploring historical and emerging phishing techniques and mitigating the associated security risks. Int J Netw Secur Appl (IJNSA).  https://doi.org/10.5121/ijnsa.2013.540223 CrossRefGoogle Scholar
  28. 28.
    Ammar A, Gupta BB, Atawneh S, Meulenberg A, Almomani E (2013) A survey of phishing e-mail filtering techniques. IEEE Commun Surv Tutor.  https://doi.org/10.1109/surv.2013.030713.00020 CrossRefGoogle Scholar
  29. 29.
    Gowtham R, Ilango K, Sampath K, Kumar S (2014) An efficacious method for detecting phishing webpages through target domain identification. Elsevier J Decis Support Syst 61:12–22CrossRefGoogle Scholar
  30. 30.
    Zuhair Zeydan H, Selamat A, Salleh M (2014) Current state of anti-phishing approaches and revealing competencies. J Theor Appl Inf 70(3):507–515, ISSN:1992-8645Google Scholar
  31. 31.
    Khadir RP, Sony P (2015) Efforts and methodologies used in phishing email detection and filtering: a survey. Int J Adv Res Comput Sci 6(2):23–27, ISSN:0967-5697Google Scholar
  32. 32.
    Choon LT, Kang LC, KokSheik W, San NS (2016) PhishWHO: phishing webpage detection via identity keywords extraction and target domain name finder. Sci Direct J Decis Support Syst 88:18–27.  https://doi.org/10.1016/j.dss.2016.05.005 CrossRefGoogle Scholar
  33. 33.
    Wael H, Faisal A, Samer A (2016) A new fast associative classification algorithm for detecting phishing websites. Sci Direct J Appl Soft Comput 48:729–734.  https://doi.org/10.1016/j.asoc.2016.08.005 CrossRefGoogle Scholar
  34. 34.
    Mahmood M, Ali Yazdian V (2016) New rule based phishing detection method. Sci Direct J Expert Syst Appl 53:231–242.  https://doi.org/10.1016/j.eswa.2016.01.028 CrossRefGoogle Scholar
  35. 35.
    Kaur Davneet, Kalra Sheetal (2016) Five-tier barrier anti-phishing scheme using hybrid approach. Inf Secur J Glob Perspect.  https://doi.org/10.1080/19393555.2016.1215573 CrossRefGoogle Scholar
  36. 36.
    Aakanksha T, Jain AK, Gupta BB (2016) Recent survey of various defense mechanisms against phishing attacks. J Inf Priv Secur 12:3–13Google Scholar
  37. 37.
    Ghulam M, Liyana S, Ram GR, Nahdia M, Al-Garadi MA (2017) Email classification research trends: review and open issues. IEEE Transl Content Mining 5:9044–9064.  https://doi.org/10.1109/access.2017.2702187 CrossRefGoogle Scholar
  38. 38.
    Sanjib Kumar S, Pankaj K, Amit PS (2018) Modified K-NN algorithm for classification problems with improved accuracy. Int J Inf Technol 10(1):65–70.  https://doi.org/10.1007/s41870-017-0058-z CrossRefGoogle Scholar

Copyright information

© Bharati Vidyapeeth's Institute of Computer Applications and Management 2019

Authors and Affiliations

  1. 1.School of Computer SciencesKavayitri Bahinabai Chaudhari North Maharshtra UniversityJalgaonIndia

Personalised recommendations