Phishing refers to the attempt to obtain other people's sensitive information by posing as a trustworthy entity during online communication, usually with the principal objective of committing financial fraud. It is a form of online theft that entails the theft of confidential information from an internet user. Phishing has become a prominent form of internet crime, as evidenced by the increasing incidence of phishing scams. This is accelerated by the technical sophistication of phishers and by increased dependence on the internet as a framework for conducting and processing commercial transactions. The most significant negative impact of phishing is that it has harmed the economy through increasing financial losses and reduced consumer confidence in the efficiency of online transaction systems (Budnick, 1996).
Scams related to phishing have been on the increase in recent times because of favourable technological and economic frameworks. The technical requirements needed to initiate phishing attacks are readily available from public and private sources (Ec-Council, 2009). In addition, the internet has facilitated the automation of such technical resources, which allows phishing to be initiated even by non-technical internet users. The outcome is that a larger, non-technical population can execute phishing. This paper investigates the technical procedures used in the execution of phishing scams, highlights the trends in these technical capabilities, and outlines the strategies that can be deployed to help prevent phishing scams.
Deploying tricks to obtain sensitive information from people for malicious reasons is not a new concept and has existed for a long time. Attacks based on social engineering have been evident throughout the existence of the internet, and even before its onset criminals used other technological frameworks, such as the telephone, to obtain confidential data by pretending to be trusted agents. The onset of the internet only served to ease the execution of phishing attacks (Ec-Council, 2009). This paper lays emphasis on the technologies that phishing criminals deploy and the technical strategies that can be used to counter phishing.
Types of attacks initiated by Phishing
Phishing can be executed in a number of ways because of the increasing adoption of online services in daily transactions such as online banking, e-commerce and other online communications. The significant factors that phishing criminals exploit include internet users' unawareness of the potential threat, users' unfamiliarity with the organizational policies governing communication with customers, and underlying technical sophistication such as denial of service and spam (Lance, 2005). This technical sophistication reduces the chance that consumers become aware that they are being scammed through phishing. The following are the most common types of phishing deployed by criminals (Lininger & Russell, 2005):
Deceptive phishing today relies on technical deceit, whereby phishing criminals use fraudulent emails and websites in such a way that the user perceives the website as legitimate and trustworthy. A typical case of deceptive phishing is one in which criminals send bulk emails to users with a call to action that requires the recipient to click on a provided link, after which the user voluntarily submits his or her confidential information (Markus & Myers, 2006). Phishing criminals deploy diverse technologies to obtain confidential data; some are outlined below:
- Basic Uniform Resource Locator (URL) obfuscation, which misleads the potential victim with a link that he or she perceives to be legitimate. This technique is widely deployed in present-day phishing mails. URL obfuscation can be achieved through HTML redirection, whereby the hyperlink displays a legitimate URL but points to a malicious site, or through alternate encoding schemes, whereby hostnames are represented in an alternate format that most users cannot recognize (Lininger & Russell, 2005). Criminals can also register similar domain names to deceive the users of such online services.
- Exploiting the spoofing vulnerabilities of most available web browsers;
- Abuse of Internationalized Domain Names (IDN);
- Cross-zone vulnerabilities of the web browser, whereby the security settings applied vary according to the zone a site is assigned to.
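The URL obfuscation techniques listed above (HTML redirection where the visible link differs from the real target, alternately encoded hostnames, lookalike and IDN domains) can be detected mechanically in a mail filter. The following is an added example written for this paper, not code from any of the cited works; the anchor samples, the `examplebank.com` brand domain and the last-two-labels domain heuristic are constructed assumptions.

```python
import re
from urllib.parse import urlparse, unquote

# Constructed (display text, href) pairs imitating anchors in a phishing mail; none are real sites.
SAMPLE_LINKS = [
    ("http://www.examplebank.com/login", "http://www.examplebank.com/login"),
    ("http://www.examplebank.com/login", "http://198.51.100.23/login"),             # raw IP host
    ("http://www.examplebank.com/login", "http://3325256727/login"),                # decimal-encoded IP
    ("Verify your account", "http://www.examplebank.com.account-check.example/"),   # brand as subdomain
    ("http://www.examplebank.com", "http://xn--exmplebank-9xb.com/"),               # IDN (punycode) host
    ("http://www.examplebank.com", "http://%77%77%77.evil.example/login"),          # percent-encoded host
]
# Assumed: the organisation's own registrable domains, used to spot lookalike hosts.
BRAND_DOMAINS = {"examplebank.com"}

def registrable_domain(host):
    # Simplified "last two labels" heuristic; production code would consult the public suffix list.
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host.lower()

def analyse_link(text, href):
    """Return the obfuscation indicators found in one anchor (empty list = nothing suspicious)."""
    findings = []
    raw_host = urlparse(href).hostname or ""
    host = urlparse(unquote(href)).hostname or ""        # decode %77-style hostname encoding
    if host != raw_host:
        findings.append("percent-encoded hostname")
    if re.fullmatch(r"\d+", host) or re.fullmatch(r"0x[0-9a-f]+", host, re.I):
        findings.append("numeric (decimal/hex) IP host")
    elif re.fullmatch(r"\d{1,3}(\.\d{1,3}){3}", host):
        findings.append("raw IP host")
    if any(label.startswith("xn--") for label in host.split(".")):
        findings.append("IDN punycode host")
    reg = registrable_domain(host)
    if any(brand in host and reg != brand for brand in BRAND_DOMAINS):
        findings.append("brand domain embedded in foreign host")
    # HTML redirection: the visible URL and the real target belong to different domains.
    text_host = urlparse(text).hostname if "://" in text else None
    if text_host and registrable_domain(text_host) != reg:
        findings.append(f"display host {text_host} != link host {host}")
    return findings

def scan_links(links):
    """Map each href to its indicators, keeping only anchors that raised at least one."""
    return {href: analyse_link(text, href) for text, href in links if analyse_link(text, href)}

if __name__ == "__main__":
    for href, why in scan_links(SAMPLE_LINKS).items():
        print(href, "->", "; ".join(why))
```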
Malware based Phishing
This type of phishing attack involves running malicious application software on the victim's computer. Malware-based phishing is facilitated by the security vulnerabilities of the web browsers that internet users rely on for communication. In addition, the malware can be spread by social engineering (Lininger & Russell, 2005). The most common social-engineering scenario entails convincing a mail recipient to download attachments or files from a given website that relate to current social topics such as celebrity gossip, after which the files run automatically on the user's computer and collect confidential data such as saved passwords. The following are the most common strategies that phishers deploy when initiating a malware-based attack (Markus & Myers, 2006):
- Key loggers and screen loggers, which are programs that run automatically within the web browser, monitor the data that the user inputs, and send the collected information to the phishing server.
- Session hijacking, whereby the activities of the user are monitored constantly using a browser component. Session hijacking usually takes place after a user has logged on to his or her account and submitted credentials. Hijacking can be done at the user's PC or remotely by means of a man-in-the-middle attack (Miller & Vandome, 2009).
- Web Trojans, which are pop-up screens used to gather the personal information of the user.
- Hosts file poisoning, whereby users are redirected to fraudulent web sites because the entry for the original legitimate domain name has been modified or made unavailable.
- System reconfiguration attacks, whereby the settings of a system are altered in order to facilitate the execution of a phishing attack.
- Data theft, whereby malicious code is run on a user's PC to directly collect confidential information such as passwords and their matching user names, software activation keys and other personal data stored on the computer (Sullivan, 2005).
DNS based phishing
This approach to phishing involves interfering with the integrity of the lookup process for a given domain name. The lookup process can be interfered with through DNS file poisoning or by polluting the cache of a genuine DNS server that has been misconfigured (Miller & Vandome, 2009).
Content Injection Phishing
This kind of phishing involves the insertion of malicious content into a genuine web site. The malicious code can be used to redirect users to other fraudulent web sites or to install malware on a user's PC (Miller & Vandome, 2009). The malicious content can also redirect data collected on a legitimate web site to a phishing server. Content injection phishing can be carried out in the following three principal ways (Schneider & Pinard, 2008):
- Phishing criminals can compromise a legitimate site's server through a security vulnerability, after which the contents of the legitimate server are replaced with malicious content that can be used to collect sensitive data.
- Phishing criminals can also exploit cross-site scripting vulnerabilities. A cross-site scripting vulnerability is usually a programming flaw in the handling of information coming from external sources, which may take the form of blogs, online product reviews from users and discussion board messages. The external content can carry a malicious script that runs in the web browser when the user visits the web site (Markus & Myers, 2006).
- SQL injection vulnerabilities can also provide an avenue for phishing criminals to execute their malicious actions. The underlying principle is that the phishers aim at altering the execution of database commands with the intention of causing information leakage (Miller & Vandome, 2009).
Man-in-the-middle phishing
This refers to a form of phishing attack in which the phishing criminal places himself between the genuine web site and the potential victim. Messages intended for the genuine web site pass through the phisher, who obtains the confidential information before forwarding the message to the legitimate web site. Replies from the web site to the user also pass through the phisher. These attacks are usually hard to detect because the genuine site functions normally and communication with the user is not impaired, so the user perceives nothing wrong with the communication channel. Man-in-the-middle phishing attacks can be combined with other phishing techniques such as deceptive phishing and DNS based phishing (Miller & Vandome, 2009).
Search Engine phishing
This phishing approach involves the creation of fake products by phishing criminals, whose product pages are indexed by the most popular search engines; users are then prompted to enter their credentials before carrying out a transaction (Todd, 2005).
Counter strategies that can be used to combat phishing
There are various strategies that can be implemented to help prevent phishing crime. The solutions discussed in this paper address both the technical and the non-technical measures that can be deployed against phishing attacks. Different strategies can be deployed at different phases of information flow during a phishing attack (Schneider & Pinard, 2008).
The first significant strategy for countering phishing attacks is the use of efficient mechanisms for authentication and authorization. It is imperative that authentication strategies make use of more than one authentication factor. For instance, for online transactions, a two-factor authentication mechanism can be used that combines something the user knows, such as a password, with something the user possesses, such as a credit card. The implementation of two-factor authentication must include a framework through which users can change their credentials in case their personal credentials have been hijacked by phishing criminals through electronic surveillance. The time needed to change the credentials should be as short as possible in order to limit the possibility of the phishing criminal using them in future. In addition, it is important to deploy appropriate strategies to secure sessions that have already been authenticated. This can be achieved by automatically ending the session after a pre-determined period of user inactivity (Markus & Myers, 2006). An important strategy during online authentication and authorization is to give the system the ability to communicate with the user in real time over other channels, such as voice calls and text messages, for verification. For instance, before a transaction is confirmed, the system can generate a verification code, which is sent to the user in real time by voice call or text message to their phone, after which the system prompts the user to input the received verification code for the transaction to proceed (Lininger & Russell, 2005).
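The two server-side controls described in this paragraph, a verification code sent over a second channel and an authenticated session that ends after inactivity, are shown together below as an added example written for this paper, not code from any cited work. The code lifetime, attempt limit and idle timeout are assumed values, and delivery of the code by SMS or voice call is left to the caller.

```python
import hashlib, hmac, secrets, time

CODE_TTL_SECONDS = 120       # assumed: how long an out-of-band code stays valid
MAX_ATTEMPTS = 3             # assumed: wrong guesses allowed before the code is discarded
IDLE_TIMEOUT_SECONDS = 600   # assumed: inactivity after which a session is ended

def _digest(code, salt):
    # Only a salted HMAC of the code is stored, so a database leak does not expose live codes.
    return hmac.new(salt, code.encode(), hashlib.sha256).digest()

class TransactionVerifier:
    """Issues a one-time code for delivery over a second channel (SMS/voice) and checks it once."""
    def __init__(self, now=time.time):
        self.now = now
        self.pending = {}   # txn_id -> [salt, digest, expires_at, attempts_left]

    def issue_code(self, txn_id):
        code = f"{secrets.randbelow(10**6):06d}"   # 6-digit code, independent of the password
        salt = secrets.token_bytes(16)
        self.pending[txn_id] = [salt, _digest(code, salt), self.now() + CODE_TTL_SECONDS, MAX_ATTEMPTS]
        return code   # caller sends this to the user's phone; it is never stored in clear

    def verify(self, txn_id, submitted):
        entry = self.pending.get(txn_id)
        if entry is None:
            return False
        salt, digest, expires_at, attempts_left = entry
        if self.now() > expires_at or attempts_left <= 0:
            del self.pending[txn_id]            # expired or exhausted: a fresh code must be issued
            return False
        if hmac.compare_digest(digest, _digest(submitted, salt)):
            del self.pending[txn_id]            # single use: a replayed code is rejected
            return True
        entry[3] -= 1                           # wrong guess: count it against the limit
        if entry[3] == 0:
            del self.pending[txn_id]
        return False

class Session:
    """Authenticated session that is considered dead after IDLE_TIMEOUT_SECONDS of inactivity."""
    def __init__(self, user, now=time.time):
        self.user, self.now, self.last_seen = user, now, now()

    def touch(self):
        """Refresh the idle timer on activity; return False once the session has timed out."""
        if self.now() - self.last_seen > IDLE_TIMEOUT_SECONDS:
            return False
        self.last_seen = self.now()
        return True
```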
The second important strategy in the prevention of phishing is the deployment of appropriate defences against computer viruses, spyware and spam. Application programs that can detect malware and prevent its automatic installation and execution play an integral role in combating phishing. In addition, antivirus and antispyware programs must be kept updated with current signatures so that they can identify new releases of spyware (Miller & Vandome, 2009). Malware currently being developed has the ability to disable antivirus and antispyware programs, which means that updated signatures are required to help neutralize such malware. Spam prevention is also an important strategy in the prevention of phishing, because phishing emails use the same distribution mechanisms as spam mails and share similar characteristics. Email filtering can therefore contribute a great deal to the prevention of phishing (Sullivan, 2005).
The third strategy in the prevention of phishing entails the development of web browsers with the capability to detect phishing sites whenever a user encounters one. This is achieved by the browser checking the IP addresses of sites against a database of known phishing sites. Toolbar security solutions can be deployed to help block pop-up windows that may serve to phish for the user's confidential information. Browser security enhancement is an integral tool for non-technical users who do not understand the circumstances under which phishing scams can be initiated (Todd, 2005).
Organizations can also help prevent phishing scams by using consistent branding. Businesses and corporations must have more than one means by which their consumers can identify them. An organization can also prevent phishing scams by constantly monitoring references to its public web sites. This is because most phishers redirect the user to the legitimate website after they have gathered the required information, in order to prevent the user from recognizing the scam. Monitoring references to public websites can help identify phishing sites, after which the organization can pursue lawful strategies to deal with the attack. Apart from the technical measures that can be used to counter phishing, there are also various organizational and administrative counter strategies that can help combat phishing scams. These can be realized by increasing consumers' awareness of the organizational policies concerning how the organization will communicate with them. In addition, appropriate education regarding the identification of phishing attacks can help in combating them (Todd, 2005).
Based on the technological trends that phishing criminals are deploying in their activities, phishing awareness is an integral element of counter-phishing strategies. Phishing awareness must be taught to both the customers and the employees of the organization. Vigilance and foresight should also be applied during the development of online communication platforms, whereby companies take into account the risk associated with unauthorized access to personal information.
Budnick, D. (1996). The Phishing manual: a compendium to the music of Phish. London: Hyperion.
Dunham, K. (2008). Mobile malware attacks and defense. Washington: Syngress.
Ec-Council. (2009). Ethical Hacking and Countermeasures: Threats and Defense Mechanisms. New York: Cengage Learning.
Lance, J. (2005). Phishing exposed. New York: Syngress.
Lininger, R., & Russell, D. V. (2005). Phishing: cutting the identity theft line. New York: Wiley Pub.
Markus, J., & Myers, S. (2006). Phishing and Countermeasures: Understanding the Increasing Problem of Electronic Identity Theft. New York: Wiley-Interscience.
Miller, P., & Vandome, A. (2009). Phishing: Phishing. Anti-phishing Software, Confidence Trick, E-mail Spoofing, Pharming, Social Engineering (security), Vishing, Transport Layer Security, Phreaking, Copyright Infringement of Software. New York: Alphascript Publishing.
Schneider, G., & Pinard, K. (2008). The Internet: Illustrated. New York: Cengage Learning.
Sullivan, D. (2005). The Definitive Guide to Controlling Malware, Spyware, Phishing, and Spam. New Jersey: Realtimepublishers.
Todd, M. (2005). The senior’s guide to the Internet: surfing, shopping, e-mail and security. New York: EKLEKTIKA, Inc.