SlideShare a Scribd company logo

Phishing: Analysis and Countermeasures

IRJET Journal
IRJET Journal

This document discusses phishing attacks and countermeasures. It begins by defining phishing as a type of email fraud where perpetrators send seemingly legitimate emails to collect personal and financial information. It then describes how phishing works, outlining the typical stages: creating fake websites, sending phishing emails with links to these sites, and hoping victims provide sensitive data or get infected with malware when they click the links. Specific phishing scams like spear phishing, whaling, pharming, spoofing, and vishing are also explained. The document concludes by listing warning signs of phishing websites and attacks.

1 of 5
Download to read offline
International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 10 Issue: 04 | Apr 2023 www.irjet.net p-ISSN: 2395-0072 © 2023, IRJET | Impact Factor value: 8.226 | ISO 9001:2008 Certified Journal | Page 75 Phishing: Analysis and Countermeasures Bhagyashree Ankush Alandkar & Bhakti Desai Student, M. Sc IT, Keraleeya Samajam (Regd.) Dombivli’s Model College, Maharashtra, India ---------------------------------------------------------------------***--------------------------------------------------------------------- Abstract – Without the internet, our daily lives are inconceivable. One of the most important forms of communication we use every day is email. We prefer to just use it regularly for business communications, but we also use it to stay in touch with our friends and family. Due of the significant significance that email plays in international communication and information sharing. Even so, security issues have accumulated. E-Mail phishing is the most significant drawback or hacker attack on email in today's world. The moment is right to secure information sent via mail, even on specific networks. Cybercriminalscreatethese emails to appear credible, which makes virtually millions of people throughout the world fall for them. The criminals don't have a specific victim in mind. Key Words: Phishing, attacks 1. INTRODUCTION Phishing is a type of email fraud in which the perpetrator sends out seemingly valid emails to target specific individuals in an effort to collect their personal andfinancial information. The communications typically look tooriginate from reputableandwell-knownwebsites. Thephisherplaces the lure in the hopes of fooling at least some of the prey that come into contact with it, just like the fishing trip it gets its name from. Phishers deceive their targets by employing a variety of social engineering techniques and email spoofing techniques. Due to the important functionthatemail playsin communication and information sharing on a worldwide scale. The safety issueshave evengottenworse.Themajority of the email servers used in the mail infrastructure on the internet are attacked. 2. HOW PHISHING ATTACKS WORKS We need to comprehend the justifications for hostile attacks in order to comprehend how they operate. There are two main purposes of a phishing assault. 1) To extract sensitive data, first These attacks employ techniques that compel the victims to reveal sensitive and private information. Hackers want the ability to break into a private or public network,steal money from someone, or use another person's credentials to carry out illegal activities. Checking account information isamong the clearly questionable data that hackers request from victims. 2) To infect the system with malware With such attacks, hackers also primarily aim to infect the victim's PC with malware or viruses. These emails include Microsoft Office zipped files. 3. STAGES OF PHISHING ATTACK It's crucial to first comprehend how phishing attacks operate in order to stop one in its tracks. Let's go over the stages of a typical phishing attack that are most common [1]: Figure 1 stages of phishing attack  Creating the fake website. To create spoof websites, the hacker steals real code and legitimate images from websites. According to some estimates, hackers create 1.5 million spoof websites each month. Due to the availability of affordable internet scraping tools, this is nowsimplerthanever.Hackersfrequentlycreate fake websites with well-known and reliable domain names. They are also recovering at their trade. Even experienced security personnel will struggle to identify fakes.  The phishing email's transmission. The hacker launches the associate degree email phishing scam after creating the fake website. These emails,whichare incredibly convincing, include content, images, and a link to the fake website. The victim is urged to open the link in the email with statementslike,"Youraccounthasbeenhijacked!" On a huge scale, this occurs. Every day, hackers send an estimated three billion phishing emails.
International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 10 Issue: 04 | Apr 2023 www.irjet.net p-ISSN: 2395-0072 © 2023, IRJET | Impact Factor value: 8.226 | ISO 9001:2008 Certified Journal | Page 76 • Focusing the victim search After developing the bogus website, the hacker starts the associate's email phishing scheme. Theseemailscontaintext, graphics, and a link to the false website, and they are quite convincing. In the email, the victim is prompted to click the link and is told things like, "Your account has been hijacked!" This happens on an enormous scale. An estimated three billion phishing emails are sent out daily by hackers.  Taking the bait. If a hacker is persistent, a victim will eventually fall for the lure. A silentattack willclaim thousands oflives.Thevictim's financial assets, such as credit cards, bank accounts, or legal documents, may occasionally need to be taken. Others want to gather as many credentials as they can to sell online. 4. PHISHING SCAMS TO AVOID • Spear Phishing Attacks Many different types of tailored phishing are referred to as spear phishing. With spear-phishing assaults, the hacker tries to learn as much as they can about you, including your name, company, position,andphonenumber.Theythentake advantage of this knowledge by pretending to be someone you know and trust in order to persuade you to comply with the attacker's demands. Example: Because Amazon is so widely known, all cybercriminals don't have to put up a lot of effort to deceive their customers; the bulk of phishing attempts are generic. A clever spear phishing assault in 2015 tricked several customers into installing ransomware. Users who had recently placed an order with theWorldHealthOrganization received an email from the con artists. • Whaling Whaling is a type of phishing assault that targets people in positions of authority within a large corporation. This often denotes a senior management with access to or knowledge of sensitive firm information, such as a chief executive officer, business executive, or another senior manager. The fact that the targets are the "big fishes" in the phishing pool is what is meant by the phrase "whaling." Whaling attacks are frequently very carefully planned and aim to obtain important company information for the phisher's benefit. Attacks against whales are often planned out over a long period of time, and they are highly tailored and elaborate. Example: The co-founder of Australian hedge fund Levitas Capital clicked on a fake Zoom link in the month of 2020. • Pharming Other methods of manipulating targets on the internet include phishing and pharmacy fraud. Phishing is a technique used to trick a victim into giving theirinformation to a fake website. Pharming involves changing DNS information, so when a person types in an online address, they will likely be forwarded to the wrong website. This means that the DNS server responsible for converting the website address into the address for crucial information processing will need to be adjusted, and website traffic will also be diverted to another site. Due to flaws in the DNS server package, pharming attacks can happen and are frequently difficult to detect. The simplest way to identify a potential pharming assault is to raise the alarm if a common web. • Spoofing Spoofing is the act of a gouger acting as someone else in order to persuade the target totakea particularaction.Many phishing attempts consequently make use of spoofing; a phisher could pose as a member of your IT department and urge you to visit a website and confirm your laptop login information. As a result, this website is a fake, and the phisher has obtained access to your login information without your knowledge. However, not all spoofing assaults are actually phishing; some phishers utilise spoofing as a means of manipulation. A spoofing attack might involve a hacker posing as a coworker and asking you to send a file, but the file is actually a trojan. • Vishing Vishing is the telephone equivalent ofphishing,inwhich the targets are chosen by the con artists in order to obtain information. Vishers pose as a respectable organisation and harass you for your personal information by using various forms of persuasion or "social engineering." Be extremely careful when disclosing any sensitive information over the phone, especially if the number is restricted or you are unfamiliar with the area code or number. If at all possible, ask for the amount you can decide back and verifyitwiththe source they say they are, or decide the party's customer service and ask if they need to get in touch with you. Example: In this attack, a link will cause a page to open alerting you that a problem has been found with your computer and that you should choose a support option to resolve it. The offender may also decide to inform the victim that assistance is being sought for them due to a tool failure. This is a common tactic. A price is assessed at the end of the service for fixing a tangle that didn't initially exist [7].
International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 10 Issue: 04 | Apr 2023 www.irjet.net p-ISSN: 2395-0072 © 2023, IRJET | Impact Factor value: 8.226 | ISO 9001:2008 Certified Journal | Page 77 5. PHISHING ATTACKS: WARNING SIGNS A phishing website (also known as a faked website) often makes an effort to appear at least somewhat trustworthy. It will be designed to look like an authentic, already-existing website, imitating sites for your banks or healthcare facilities, for example. The website is designed for you to disclose your login information or other personal information. You might get an email or text message with a link to the current website, but you could also accidentally type in the wrong URL or use the wrong search term to land on the page. The main concern is then to be wary about the sender of the email or instant message and make sure you know who sent it, or that the sender is someone you trust.  Email from unacquainted Sender There are several things you might consider when you receive an email to determine whether you might be the victim of a phishing assault. Look at the email sender's information first. The phishing attempt can come from a suspicious-looking email that youhaveneverseenbefore. As luck would have it, there are forums and online tools that can help you determine whether or not the source is trustworthy if you have any questions. Simply copy the sender's email and search for terms like "phishing attempt," "hacking," or "scam" on Google. You may be able to tell that the email is from a cybercriminal if others have reported it. However, there is a problem with this technique because phishers are quite aware of the forums and frequently and easily change their emails. Additionally, they would utilise these support forums as a way to legitimise their own fraud by giving themselves positive evaluations and insisting that the email offer was genuine [8].  Sender’s Email looks Off The phishing attempt may come from a business that appears to be fully trustworthy and legitimatebutisactually not from the firm it purports to be. For example, if you search for a Sanket bank and see that they are using their logo, you might assume the email iscomingfroma legitimate source without realising that it could be that Sanket's email has been hacked or that a different email has been created that matches Sanket's email but isn't the right email type.  Writing Tone Is Odd Another major cautionary sign is when the email address looks familiar but thecontentorpresentationseems strange. If the email contains grammatical or spelling mistakes that your contact is unlikely to make or does not frequently make, it's possible that the sender is actually a phisher. As phishingscamsbecomemoresophisticated,their language and design may also be well-thought-out and appear to be extremely trustworthy. Yet people often have a really certain style and elegance of communicating, and you seem to be drawn to it, either consciously or unconsciously. If an email seems "fishy," you may have unconsciously noticed that the sender is using language and a style that are not typical of them. Follow your gut, and if something seems strange, look into the email before you answer.  Greeting Oddly Generic In order to trick you, phishingcriminalssendouta tonne of generic emails that start with "Dear Customer" and refer to "Your Business" or "Your Bank." This is frequently especially concerning if the email appearstobecomingfrom someone who should have a lot of information about you, such as a partner you have met beforeorsomeonefromyour company [8]. 6. PHISHING EMAIL EXAMPLES TO LEARN FROM 1) An example of a phishing email with a suspicious email address. 2) An example of a phishing email where the con artist promises financial rewards. Sample of a phishing email asking you to confirm your account information. 4) An illustration of a phishing email with fake financial documents. 5) A phishing email that purports to be from an employee of your company. 6) A phishing email illustration requesting a payment confirmation. 7) Voicemail scam examples using phishing emails. Account Deactivation (No. 8) 9) Fraudulent Credit Card 10) Transmit Money 11)Social media Request No. 7. HOW TO DEFEND AGAINST PHISHING EMAILS Remember these 5 principles for creating a culture of cyber security awareness when constructing a defence against phishing emails:
International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 10 Issue: 04 | Apr 2023 www.irjet.net p-ISSN: 2395-0072 © 2023, IRJET | Impact Factor value: 8.226 | ISO 9001:2008 Certified Journal | Page 78 Figure 2. How to defend against phishing emails • Educate: To coach, train, and change behaviour, use phishing microlearning and security awareness coaching. • Monitor: Check employee information using phishing simulation tools to see if an agency is at risk of a cyber- attack. • Communicate: Provide up-to-date communications and campaigns about social engineering, cyber security, and phishing emails. • Integrate: Make project management, training, support, and awareness campaigns for cyber security a part of your business culture. You need defence against phishing email attacks. The same sentiment also applies to your coworkers, organisation, friends, and family. Everyone ought to be able to safeguard their info. Making the most of cyber security awareness is the greatest way to do this. 8. THE FREQUENCY OF PHISHING ATTACKS Every year, phishing becomes more prevalent and poses a significant hazard. According to a 2021 Tessian analysis, the average number of phishing emailsreceivedbyemployeesis 14. Certain industrieswereparticularlyhardimpacted;retail workers received a median salary of $49. The majority of the email-based attacks between May and August 2021, according toESET's2021analysis,were partof phishing campaigns. IBM's 2021 analysis corroborated this trend by noting a two-point increase in phishing attacks between 2019 and 2020, which was partially fueled by COVID-19 and supply chain uncertainty. According to CISCO's report on cybersecurity threat patterns for 2021, at least one employee of about 86 firms clicked on a phishing link. According to the company's knowledge, phishing accounts for over 90 percent of data breaches. Phishing attacks increased by 52 percent in December, according to CISCO, who discovered that the activity tends to peak around holiday times. According to the results of a global poll, 83 percent of IT departments at Indian companies predicted a rise in the number of phishing emails aimed at their employees in 2020. One of the reasons for its effectiveness is its capacity to continuously evolve and diversify, trade offences to contemporary issues or concerns, such as thepandemic,and capitalise on people's emotions and trust "Urban Center Wisniewski, the head of analysis at Sophos, said as much. Phishing is frequently the first phase in a very intricate, multi-phase attack. According to Sophos quick Response, hackers frequently use phishing emails to coerce users into installing malware or disclosing login information for the workplace network "A second Wisniewski. Also, the results show that there is no universal agreement on what is meant by"phishing."Asanillustration, 67 percent of IT organisations in India equate phishing with emails that falsely purport to be from a genuine company and that frequently include a threat or a requestforpersonal information. Sixty-one percent of respondents think that Business Email Compromise (BEC) attacks arephishing,and fifty percent of respondents think that threadjacking— where attackers inject themselves into a legitimate email thread as part of an attack—is phishing. The good news is that almost all Indian businesses (98%) have implemented cybersecurity education campaigns to thwart phishing. Respondents reported using phishing simulations (51%), computer-based coaching programmes (67%), and human-led coaching programmes (60%). According to the poll, four-fifths of Indian firms gauge the success of their awareness campaign by the number of IT tickets related to phishing, which is followed by user coverage of phishing emails (at 77%) and phishing email clickthrough rates (at 60%). Every firm surveyed in the city, Hyderabad, and metropolis (100%) felt it is necessary to have cybersecurity awareness initiatives in place. When ninety-seven states had such programmes, Chennai was next, putting Bengaluru and the city at ninety-six each. 9. CONCLUSION Phishing attacks continue to be a major concern to both individuals and businesses today. This can be primarily caused by human engagement in the phishing cycle, as the paper points out. Phishers typically target human weaknesses in addition to favourable technology situations
International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 10 Issue: 04 | Apr 2023 www.irjet.net p-ISSN: 2395-0072 © 2023, IRJET | Impact Factor value: 8.226 | ISO 9001:2008 Certified Journal | Page 79 (i.e., technical vulnerabilities). It is well established that a variety of factors, including age, gender, internet addiction, user stress, and many others, can affect a person's susceptibility to phishing. In addition to more recent phishing mediums like voice and SMS phishing, more traditional phishing channels like email and the web arestill in use. Concomitantly, phishing has developed on the far side getting sensitive data and monetary crimes to cyber coercion, hacktivism, damaging reputations, espionage, and nation-state attacks. analysis has been conductedtospotthe motivations and techniques and countermeasures to those new crimes, however, there's no single answer for the phishing drawback because of the heterogeneous nature of the attack vector. The challenges caused by phishing have been examined in this book, and a new anatomy that outlines the entire life cycle of phishing attempts has been planned. This associate deprecatory offers a broaderperspectiveonphishingattacks and a correct definition that covers the attack's realisation and end-to-end exclusion. Although the best defence against phishing is human education, the sophistication of the assaults and social engineering components make it difficult to completely eliminate the threat. Developing affordable anti-phishing strategies that prevent users from being exposed to the attack is a critical step in minimising these attacks, even though ongoing security awareness training is the key to avoiding phishing attacks and to reduce their impact. This text concluded by mentioning the significance of creating anti-phishing techniques that recognise and stop the attack. Also, the significance of methods to identify thesourceofthe assault may provide a stronger anti-phishing solution, as discussed in this article. 10. ACKNOWLEGEMENT I am incredibly humbled and grateful to express my gratitude to everyone who has helped me put these ideas into one concrete item, way above the level of their simplicity. I want to specifically thank Assistant Professor Jyoti Samel for giving me the chance to conduct this excellent research on the subject of "Phishing: An Open Threat to Everyone." Her support allowed me to conduct a lot of research and learn a lot of new information. I sincerely appreciateher. My sincere gratitude is extended to our research paper advisor for her insightful and timely counsel throughout the many research phases. Without the support and guidance of my parents and friends, no attempt at any level can be satisfactorily completed. Despite their busy schedules, they gave me different ideas for how to make this project unique. They helped me gather a variety of information, aggregate it, and guide me periodically in making this paper. 11. REFERENCES [1] Phishing attack on the rise by APN News, Saturday, March, 2022 [2] Spear phishing examples by Phish Protection [3] What is Whaling? Whaling Email Attacks Explained by Tessian, 11 August 2021 [4] What is a Spoofing Attack? The 5 Examples You Need to Know by SoftwareLab.org [5] Vishing Attack by INCOGNIA [6] Phishing attacks warning signs by David Zamerman, Feb 26, 2022

Recommended

Phishing: Analysis and Countermeasures
Phishing: Analysis and CountermeasuresPhishing: Analysis and Countermeasures
Phishing: Analysis and Countermeasures
IRJET Journal
 
Study on Phishing Attacks and Antiphishing Tools
Study on Phishing Attacks and Antiphishing ToolsStudy on Phishing Attacks and Antiphishing Tools
Study on Phishing Attacks and Antiphishing Tools
IRJET Journal
 
IRJET- Phishing and Anti-Phishing Techniques
IRJET- Phishing and Anti-Phishing TechniquesIRJET- Phishing and Anti-Phishing Techniques
IRJET- Phishing and Anti-Phishing Techniques
IRJET Journal
 
Research Paper on Spreading Awareness About Phishing Attack Is Effective In R...
Research Paper on Spreading Awareness About Phishing Attack Is Effective In R...Research Paper on Spreading Awareness About Phishing Attack Is Effective In R...
Research Paper on Spreading Awareness About Phishing Attack Is Effective In R...
IRJET Journal
 
Phishing Website Detection Using Machine Learning
Phishing Website Detection Using Machine LearningPhishing Website Detection Using Machine Learning
Phishing Website Detection Using Machine Learning
IRJET Journal
 
Phishing Website Detection using Classification Algorithms
Phishing Website Detection using Classification AlgorithmsPhishing Website Detection using Classification Algorithms
Phishing Website Detection using Classification Algorithms
IRJET Journal
 
need help with a term paper 8 pages Write a term paper that discusse.pdf
need help with a term paper 8 pages Write a term paper that discusse.pdfneed help with a term paper 8 pages Write a term paper that discusse.pdf
need help with a term paper 8 pages Write a term paper that discusse.pdf
anjandavid
 
Cybercrime - An essential guide from Thawte
Cybercrime - An essential guide from ThawteCybercrime - An essential guide from Thawte
Cybercrime - An essential guide from Thawte
RapidSSLOnline.com
 

Recommended

Phishing: Analysis and Countermeasures
Phishing: Analysis and CountermeasuresPhishing: Analysis and Countermeasures
Phishing: Analysis and Countermeasures
IRJET Journal
 
Study on Phishing Attacks and Antiphishing Tools
Study on Phishing Attacks and Antiphishing ToolsStudy on Phishing Attacks and Antiphishing Tools
Study on Phishing Attacks and Antiphishing Tools
IRJET Journal
 
IRJET- Phishing and Anti-Phishing Techniques
IRJET- Phishing and Anti-Phishing TechniquesIRJET- Phishing and Anti-Phishing Techniques
IRJET- Phishing and Anti-Phishing Techniques
IRJET Journal
 
Research Paper on Spreading Awareness About Phishing Attack Is Effective In R...
Research Paper on Spreading Awareness About Phishing Attack Is Effective In R...Research Paper on Spreading Awareness About Phishing Attack Is Effective In R...
Research Paper on Spreading Awareness About Phishing Attack Is Effective In R...
IRJET Journal
 
Phishing Website Detection Using Machine Learning
Phishing Website Detection Using Machine LearningPhishing Website Detection Using Machine Learning
Phishing Website Detection Using Machine Learning
IRJET Journal
 
Phishing Website Detection using Classification Algorithms
Phishing Website Detection using Classification AlgorithmsPhishing Website Detection using Classification Algorithms
Phishing Website Detection using Classification Algorithms
IRJET Journal
 
need help with a term paper 8 pages Write a term paper that discusse.pdf
need help with a term paper 8 pages Write a term paper that discusse.pdfneed help with a term paper 8 pages Write a term paper that discusse.pdf
need help with a term paper 8 pages Write a term paper that discusse.pdf
anjandavid
 
Cybercrime - An essential guide from Thawte
Cybercrime - An essential guide from ThawteCybercrime - An essential guide from Thawte
Cybercrime - An essential guide from Thawte
RapidSSLOnline.com
 
Mitigation of Cyber Threats through Identification of Phishing Websites
Mitigation of Cyber Threats through Identification of Phishing WebsitesMitigation of Cyber Threats through Identification of Phishing Websites
Mitigation of Cyber Threats through Identification of Phishing Websites
IRJET Journal
 
Improving Phishing URL Detection Using Fuzzy Association Mining
Improving Phishing URL Detection Using Fuzzy Association MiningImproving Phishing URL Detection Using Fuzzy Association Mining
Improving Phishing URL Detection Using Fuzzy Association Mining
theijes
 
IRJET- Detecting the Phishing Websites using Enhance Secure Algorithm
IRJET- Detecting the Phishing Websites using Enhance Secure AlgorithmIRJET- Detecting the Phishing Websites using Enhance Secure Algorithm
IRJET- Detecting the Phishing Websites using Enhance Secure Algorithm
IRJET Journal
 
Cyber security.docx
Cyber security.docxCyber security.docx
Cyber security.docx
saivarun91
 
IRJET - PHISCAN : Phishing Detector Plugin using Machine Learning
IRJET - PHISCAN : Phishing Detector Plugin using Machine LearningIRJET - PHISCAN : Phishing Detector Plugin using Machine Learning
IRJET - PHISCAN : Phishing Detector Plugin using Machine Learning
IRJET Journal
 
Info Session on Cybersecurity & Cybersecurity Study Jams
Info Session on Cybersecurity & Cybersecurity Study JamsInfo Session on Cybersecurity & Cybersecurity Study Jams
Info Session on Cybersecurity & Cybersecurity Study Jams
GDSCCVR
 
IRJET - Chrome Extension for Detecting Phishing Websites
IRJET - Chrome Extension for Detecting Phishing WebsitesIRJET - Chrome Extension for Detecting Phishing Websites
IRJET - Chrome Extension for Detecting Phishing Websites
IRJET Journal
 
Intelligent Phishing Website Detection and Prevention System by Using Link Gu...
Intelligent Phishing Website Detection and Prevention System by Using Link Gu...Intelligent Phishing Website Detection and Prevention System by Using Link Gu...
Intelligent Phishing Website Detection and Prevention System by Using Link Gu...
IOSR Journals
 
CERT STRATEGY TO DEAL WITH PHISHING ATTACKS
CERT STRATEGY TO DEAL WITH PHISHING ATTACKSCERT STRATEGY TO DEAL WITH PHISHING ATTACKS
CERT STRATEGY TO DEAL WITH PHISHING ATTACKS
csandit
 
IRJET-Content based approach for Detection of Phishing Sites
IRJET-Content based approach for Detection of Phishing SitesIRJET-Content based approach for Detection of Phishing Sites
IRJET-Content based approach for Detection of Phishing Sites
IRJET Journal
 
Why is cyber security a disruption in the digital economy
Why is cyber security a disruption in the digital economyWhy is cyber security a disruption in the digital economy
Why is cyber security a disruption in the digital economy
Mark Albala
 
Phishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS WorkingPhishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS Working
Sachin Saini
 
HOST PROTECTION USING PROCESS WHITE-LISTING, DECEPTION AND REPUTATION SERVICES
HOST PROTECTION USING PROCESS WHITE-LISTING, DECEPTION AND REPUTATION SERVICESHOST PROTECTION USING PROCESS WHITE-LISTING, DECEPTION AND REPUTATION SERVICES
HOST PROTECTION USING PROCESS WHITE-LISTING, DECEPTION AND REPUTATION SERVICES
AM Publications,India
 
Web phish detection (an evolutionary approach)
Web phish detection (an evolutionary approach)Web phish detection (an evolutionary approach)
Web phish detection (an evolutionary approach)
eSAT Journals
 
Web phish detection (an evolutionary approach)
Web phish detection (an evolutionary approach)Web phish detection (an evolutionary approach)
Web phish detection (an evolutionary approach)
eSAT Publishing House
 
Updated Cyber Security and Fraud Prevention Tools Tactics
Updated Cyber Security and Fraud Prevention Tools TacticsUpdated Cyber Security and Fraud Prevention Tools Tactics
Updated Cyber Security and Fraud Prevention Tools Tactics
Ben Graybar
 
securityattackvectorsslidesharefinal-160405191759.pdf
securityattackvectorsslidesharefinal-160405191759.pdfsecurityattackvectorsslidesharefinal-160405191759.pdf
securityattackvectorsslidesharefinal-160405191759.pdf
ssuser6c59cb
 
Cybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your OrganizationCybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your Organization
TriCorps Technologies
 
E Mail Phishing Prevention and Detection
E Mail Phishing Prevention and DetectionE Mail Phishing Prevention and Detection
E Mail Phishing Prevention and Detection
ijtsrd
 
IRJET- Cyber Attacks and its different Types
IRJET- Cyber Attacks and its different TypesIRJET- Cyber Attacks and its different Types
IRJET- Cyber Attacks and its different Types
IRJET Journal
 
TUNNELING IN HIMALAYAS WITH NATM METHOD: A SPECIAL REFERENCES TO SUNGAL TUNNE...
TUNNELING IN HIMALAYAS WITH NATM METHOD: A SPECIAL REFERENCES TO SUNGAL TUNNE...TUNNELING IN HIMALAYAS WITH NATM METHOD: A SPECIAL REFERENCES TO SUNGAL TUNNE...
TUNNELING IN HIMALAYAS WITH NATM METHOD: A SPECIAL REFERENCES TO SUNGAL TUNNE...
IRJET Journal
 
STUDY THE EFFECT OF RESPONSE REDUCTION FACTOR ON RC FRAMED STRUCTURE
STUDY THE EFFECT OF RESPONSE REDUCTION FACTOR ON RC FRAMED STRUCTURESTUDY THE EFFECT OF RESPONSE REDUCTION FACTOR ON RC FRAMED STRUCTURE
STUDY THE EFFECT OF RESPONSE REDUCTION FACTOR ON RC FRAMED STRUCTURE
IRJET Journal
 

More Related Content

Similar to Phishing: Analysis and Countermeasures

Mitigation of Cyber Threats through Identification of Phishing Websites
Mitigation of Cyber Threats through Identification of Phishing WebsitesMitigation of Cyber Threats through Identification of Phishing Websites
Mitigation of Cyber Threats through Identification of Phishing Websites
IRJET Journal
 
Improving Phishing URL Detection Using Fuzzy Association Mining
Improving Phishing URL Detection Using Fuzzy Association MiningImproving Phishing URL Detection Using Fuzzy Association Mining
Improving Phishing URL Detection Using Fuzzy Association Mining
theijes
 
IRJET- Detecting the Phishing Websites using Enhance Secure Algorithm
IRJET- Detecting the Phishing Websites using Enhance Secure AlgorithmIRJET- Detecting the Phishing Websites using Enhance Secure Algorithm
IRJET- Detecting the Phishing Websites using Enhance Secure Algorithm
IRJET Journal
 
Cyber security.docx
Cyber security.docxCyber security.docx
Cyber security.docx
saivarun91
 
IRJET - PHISCAN : Phishing Detector Plugin using Machine Learning
IRJET - PHISCAN : Phishing Detector Plugin using Machine LearningIRJET - PHISCAN : Phishing Detector Plugin using Machine Learning
IRJET - PHISCAN : Phishing Detector Plugin using Machine Learning
IRJET Journal
 
Info Session on Cybersecurity & Cybersecurity Study Jams
Info Session on Cybersecurity & Cybersecurity Study JamsInfo Session on Cybersecurity & Cybersecurity Study Jams
Info Session on Cybersecurity & Cybersecurity Study Jams
GDSCCVR
 
IRJET - Chrome Extension for Detecting Phishing Websites
IRJET - Chrome Extension for Detecting Phishing WebsitesIRJET - Chrome Extension for Detecting Phishing Websites
IRJET - Chrome Extension for Detecting Phishing Websites
IRJET Journal
 
Intelligent Phishing Website Detection and Prevention System by Using Link Gu...
Intelligent Phishing Website Detection and Prevention System by Using Link Gu...Intelligent Phishing Website Detection and Prevention System by Using Link Gu...
Intelligent Phishing Website Detection and Prevention System by Using Link Gu...
IOSR Journals
 
CERT STRATEGY TO DEAL WITH PHISHING ATTACKS
CERT STRATEGY TO DEAL WITH PHISHING ATTACKSCERT STRATEGY TO DEAL WITH PHISHING ATTACKS
CERT STRATEGY TO DEAL WITH PHISHING ATTACKS
csandit
 
IRJET-Content based approach for Detection of Phishing Sites
IRJET-Content based approach for Detection of Phishing SitesIRJET-Content based approach for Detection of Phishing Sites
IRJET-Content based approach for Detection of Phishing Sites
IRJET Journal
 
Why is cyber security a disruption in the digital economy
Why is cyber security a disruption in the digital economyWhy is cyber security a disruption in the digital economy
Why is cyber security a disruption in the digital economy
Mark Albala
 
Phishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS WorkingPhishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS Working
Sachin Saini
 
HOST PROTECTION USING PROCESS WHITE-LISTING, DECEPTION AND REPUTATION SERVICES
HOST PROTECTION USING PROCESS WHITE-LISTING, DECEPTION AND REPUTATION SERVICESHOST PROTECTION USING PROCESS WHITE-LISTING, DECEPTION AND REPUTATION SERVICES
HOST PROTECTION USING PROCESS WHITE-LISTING, DECEPTION AND REPUTATION SERVICES
AM Publications,India
 
Web phish detection (an evolutionary approach)
Web phish detection (an evolutionary approach)Web phish detection (an evolutionary approach)
Web phish detection (an evolutionary approach)
eSAT Journals
 
Web phish detection (an evolutionary approach)
Web phish detection (an evolutionary approach)Web phish detection (an evolutionary approach)
Web phish detection (an evolutionary approach)
eSAT Publishing House
 
Updated Cyber Security and Fraud Prevention Tools Tactics
Updated Cyber Security and Fraud Prevention Tools TacticsUpdated Cyber Security and Fraud Prevention Tools Tactics
Updated Cyber Security and Fraud Prevention Tools Tactics
Ben Graybar
 
securityattackvectorsslidesharefinal-160405191759.pdf
securityattackvectorsslidesharefinal-160405191759.pdfsecurityattackvectorsslidesharefinal-160405191759.pdf
securityattackvectorsslidesharefinal-160405191759.pdf
ssuser6c59cb
 
Cybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your OrganizationCybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your Organization
TriCorps Technologies
 
E Mail Phishing Prevention and Detection
E Mail Phishing Prevention and DetectionE Mail Phishing Prevention and Detection
E Mail Phishing Prevention and Detection
ijtsrd
 
IRJET- Cyber Attacks and its different Types
IRJET- Cyber Attacks and its different TypesIRJET- Cyber Attacks and its different Types
IRJET- Cyber Attacks and its different Types
IRJET Journal
 

Similar to Phishing: Analysis and Countermeasures (20)

Mitigation of Cyber Threats through Identification of Phishing Websites
Mitigation of Cyber Threats through Identification of Phishing WebsitesMitigation of Cyber Threats through Identification of Phishing Websites
Mitigation of Cyber Threats through Identification of Phishing Websites
 
Improving Phishing URL Detection Using Fuzzy Association Mining
Improving Phishing URL Detection Using Fuzzy Association MiningImproving Phishing URL Detection Using Fuzzy Association Mining
Improving Phishing URL Detection Using Fuzzy Association Mining
 
IRJET- Detecting the Phishing Websites using Enhance Secure Algorithm
IRJET- Detecting the Phishing Websites using Enhance Secure AlgorithmIRJET- Detecting the Phishing Websites using Enhance Secure Algorithm
IRJET- Detecting the Phishing Websites using Enhance Secure Algorithm
 
Cyber security.docx
Cyber security.docxCyber security.docx
Cyber security.docx
 
IRJET - PHISCAN : Phishing Detector Plugin using Machine Learning
IRJET - PHISCAN : Phishing Detector Plugin using Machine LearningIRJET - PHISCAN : Phishing Detector Plugin using Machine Learning
IRJET - PHISCAN : Phishing Detector Plugin using Machine Learning
 
Info Session on Cybersecurity & Cybersecurity Study Jams
Info Session on Cybersecurity & Cybersecurity Study JamsInfo Session on Cybersecurity & Cybersecurity Study Jams
Info Session on Cybersecurity & Cybersecurity Study Jams
 
IRJET - Chrome Extension for Detecting Phishing Websites
IRJET - Chrome Extension for Detecting Phishing WebsitesIRJET - Chrome Extension for Detecting Phishing Websites
IRJET - Chrome Extension for Detecting Phishing Websites
 
Intelligent Phishing Website Detection and Prevention System by Using Link Gu...
Intelligent Phishing Website Detection and Prevention System by Using Link Gu...Intelligent Phishing Website Detection and Prevention System by Using Link Gu...
Intelligent Phishing Website Detection and Prevention System by Using Link Gu...
 
CERT STRATEGY TO DEAL WITH PHISHING ATTACKS
CERT STRATEGY TO DEAL WITH PHISHING ATTACKSCERT STRATEGY TO DEAL WITH PHISHING ATTACKS
CERT STRATEGY TO DEAL WITH PHISHING ATTACKS
 
IRJET-Content based approach for Detection of Phishing Sites
IRJET-Content based approach for Detection of Phishing SitesIRJET-Content based approach for Detection of Phishing Sites
IRJET-Content based approach for Detection of Phishing Sites
 
Why is cyber security a disruption in the digital economy
Why is cyber security a disruption in the digital economyWhy is cyber security a disruption in the digital economy
Why is cyber security a disruption in the digital economy
 
Phishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS WorkingPhishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS Working
 
HOST PROTECTION USING PROCESS WHITE-LISTING, DECEPTION AND REPUTATION SERVICES
HOST PROTECTION USING PROCESS WHITE-LISTING, DECEPTION AND REPUTATION SERVICESHOST PROTECTION USING PROCESS WHITE-LISTING, DECEPTION AND REPUTATION SERVICES
HOST PROTECTION USING PROCESS WHITE-LISTING, DECEPTION AND REPUTATION SERVICES
 
Web phish detection (an evolutionary approach)
Web phish detection (an evolutionary approach)Web phish detection (an evolutionary approach)
Web phish detection (an evolutionary approach)
 
Web phish detection (an evolutionary approach)
Web phish detection (an evolutionary approach)Web phish detection (an evolutionary approach)
Web phish detection (an evolutionary approach)
 
Updated Cyber Security and Fraud Prevention Tools Tactics
Updated Cyber Security and Fraud Prevention Tools TacticsUpdated Cyber Security and Fraud Prevention Tools Tactics
Updated Cyber Security and Fraud Prevention Tools Tactics
 
securityattackvectorsslidesharefinal-160405191759.pdf
securityattackvectorsslidesharefinal-160405191759.pdfsecurityattackvectorsslidesharefinal-160405191759.pdf
securityattackvectorsslidesharefinal-160405191759.pdf
 
Cybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your OrganizationCybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your Organization
 
E Mail Phishing Prevention and Detection
E Mail Phishing Prevention and DetectionE Mail Phishing Prevention and Detection
E Mail Phishing Prevention and Detection
 
IRJET- Cyber Attacks and its different Types
IRJET- Cyber Attacks and its different TypesIRJET- Cyber Attacks and its different Types
IRJET- Cyber Attacks and its different Types
 

More from IRJET Journal

TUNNELING IN HIMALAYAS WITH NATM METHOD: A SPECIAL REFERENCES TO SUNGAL TUNNE...
TUNNELING IN HIMALAYAS WITH NATM METHOD: A SPECIAL REFERENCES TO SUNGAL TUNNE...TUNNELING IN HIMALAYAS WITH NATM METHOD: A SPECIAL REFERENCES TO SUNGAL TUNNE...
TUNNELING IN HIMALAYAS WITH NATM METHOD: A SPECIAL REFERENCES TO SUNGAL TUNNE...
IRJET Journal
 
STUDY THE EFFECT OF RESPONSE REDUCTION FACTOR ON RC FRAMED STRUCTURE
STUDY THE EFFECT OF RESPONSE REDUCTION FACTOR ON RC FRAMED STRUCTURESTUDY THE EFFECT OF RESPONSE REDUCTION FACTOR ON RC FRAMED STRUCTURE
STUDY THE EFFECT OF RESPONSE REDUCTION FACTOR ON RC FRAMED STRUCTURE
IRJET Journal
 
A COMPARATIVE ANALYSIS OF RCC ELEMENT OF SLAB WITH STARK STEEL (HYSD STEEL) A...
A COMPARATIVE ANALYSIS OF RCC ELEMENT OF SLAB WITH STARK STEEL (HYSD STEEL) A...A COMPARATIVE ANALYSIS OF RCC ELEMENT OF SLAB WITH STARK STEEL (HYSD STEEL) A...
A COMPARATIVE ANALYSIS OF RCC ELEMENT OF SLAB WITH STARK STEEL (HYSD STEEL) A...
IRJET Journal
 
Effect of Camber and Angles of Attack on Airfoil Characteristics
Effect of Camber and Angles of Attack on Airfoil CharacteristicsEffect of Camber and Angles of Attack on Airfoil Characteristics
Effect of Camber and Angles of Attack on Airfoil Characteristics
IRJET Journal
 
A Review on the Progress and Challenges of Aluminum-Based Metal Matrix Compos...
A Review on the Progress and Challenges of Aluminum-Based Metal Matrix Compos...A Review on the Progress and Challenges of Aluminum-Based Metal Matrix Compos...
A Review on the Progress and Challenges of Aluminum-Based Metal Matrix Compos...
IRJET Journal
 
Dynamic Urban Transit Optimization: A Graph Neural Network Approach for Real-...
Dynamic Urban Transit Optimization: A Graph Neural Network Approach for Real-...Dynamic Urban Transit Optimization: A Graph Neural Network Approach for Real-...
Dynamic Urban Transit Optimization: A Graph Neural Network Approach for Real-...
IRJET Journal
 
Structural Analysis and Design of Multi-Storey Symmetric and Asymmetric Shape...
Structural Analysis and Design of Multi-Storey Symmetric and Asymmetric Shape...Structural Analysis and Design of Multi-Storey Symmetric and Asymmetric Shape...
Structural Analysis and Design of Multi-Storey Symmetric and Asymmetric Shape...
IRJET Journal
 
A Review of “Seismic Response of RC Structures Having Plan and Vertical Irreg...
A Review of “Seismic Response of RC Structures Having Plan and Vertical Irreg...A Review of “Seismic Response of RC Structures Having Plan and Vertical Irreg...
A Review of “Seismic Response of RC Structures Having Plan and Vertical Irreg...
IRJET Journal
 
A REVIEW ON MACHINE LEARNING IN ADAS
A REVIEW ON MACHINE LEARNING IN ADASA REVIEW ON MACHINE LEARNING IN ADAS
A REVIEW ON MACHINE LEARNING IN ADAS
IRJET Journal
 
Long Term Trend Analysis of Precipitation and Temperature for Asosa district,...
Long Term Trend Analysis of Precipitation and Temperature for Asosa district,...Long Term Trend Analysis of Precipitation and Temperature for Asosa district,...
Long Term Trend Analysis of Precipitation and Temperature for Asosa district,...
IRJET Journal
 
P.E.B. Framed Structure Design and Analysis Using STAAD Pro
P.E.B. Framed Structure Design and Analysis Using STAAD ProP.E.B. Framed Structure Design and Analysis Using STAAD Pro
P.E.B. Framed Structure Design and Analysis Using STAAD Pro
IRJET Journal
 
A Review on Innovative Fiber Integration for Enhanced Reinforcement of Concre...
A Review on Innovative Fiber Integration for Enhanced Reinforcement of Concre...A Review on Innovative Fiber Integration for Enhanced Reinforcement of Concre...
A Review on Innovative Fiber Integration for Enhanced Reinforcement of Concre...
IRJET Journal
 
Survey Paper on Cloud-Based Secured Healthcare System
Survey Paper on Cloud-Based Secured Healthcare SystemSurvey Paper on Cloud-Based Secured Healthcare System
Survey Paper on Cloud-Based Secured Healthcare System
IRJET Journal
 
Review on studies and research on widening of existing concrete bridges
Review on studies and research on widening of existing concrete bridgesReview on studies and research on widening of existing concrete bridges
Review on studies and research on widening of existing concrete bridges
IRJET Journal
 
React based fullstack edtech web application
React based fullstack edtech web applicationReact based fullstack edtech web application
React based fullstack edtech web application
IRJET Journal
 
A Comprehensive Review of Integrating IoT and Blockchain Technologies in the ...
A Comprehensive Review of Integrating IoT and Blockchain Technologies in the ...A Comprehensive Review of Integrating IoT and Blockchain Technologies in the ...
A Comprehensive Review of Integrating IoT and Blockchain Technologies in the ...
IRJET Journal
 
A REVIEW ON THE PERFORMANCE OF COCONUT FIBRE REINFORCED CONCRETE.
A REVIEW ON THE PERFORMANCE OF COCONUT FIBRE REINFORCED CONCRETE.A REVIEW ON THE PERFORMANCE OF COCONUT FIBRE REINFORCED CONCRETE.
A REVIEW ON THE PERFORMANCE OF COCONUT FIBRE REINFORCED CONCRETE.
IRJET Journal
 
Optimizing Business Management Process Workflows: The Dynamic Influence of Mi...
Optimizing Business Management Process Workflows: The Dynamic Influence of Mi...Optimizing Business Management Process Workflows: The Dynamic Influence of Mi...
Optimizing Business Management Process Workflows: The Dynamic Influence of Mi...
IRJET Journal
 
Multistoried and Multi Bay Steel Building Frame by using Seismic Design
Multistoried and Multi Bay Steel Building Frame by using Seismic DesignMultistoried and Multi Bay Steel Building Frame by using Seismic Design
Multistoried and Multi Bay Steel Building Frame by using Seismic Design
IRJET Journal
 
Cost Optimization of Construction Using Plastic Waste as a Sustainable Constr...
Cost Optimization of Construction Using Plastic Waste as a Sustainable Constr...Cost Optimization of Construction Using Plastic Waste as a Sustainable Constr...
Cost Optimization of Construction Using Plastic Waste as a Sustainable Constr...
IRJET Journal
 

More from IRJET Journal (20)

TUNNELING IN HIMALAYAS WITH NATM METHOD: A SPECIAL REFERENCES TO SUNGAL TUNNE...
TUNNELING IN HIMALAYAS WITH NATM METHOD: A SPECIAL REFERENCES TO SUNGAL TUNNE...TUNNELING IN HIMALAYAS WITH NATM METHOD: A SPECIAL REFERENCES TO SUNGAL TUNNE...
TUNNELING IN HIMALAYAS WITH NATM METHOD: A SPECIAL REFERENCES TO SUNGAL TUNNE...
 
STUDY THE EFFECT OF RESPONSE REDUCTION FACTOR ON RC FRAMED STRUCTURE
STUDY THE EFFECT OF RESPONSE REDUCTION FACTOR ON RC FRAMED STRUCTURESTUDY THE EFFECT OF RESPONSE REDUCTION FACTOR ON RC FRAMED STRUCTURE
STUDY THE EFFECT OF RESPONSE REDUCTION FACTOR ON RC FRAMED STRUCTURE
 
A COMPARATIVE ANALYSIS OF RCC ELEMENT OF SLAB WITH STARK STEEL (HYSD STEEL) A...
A COMPARATIVE ANALYSIS OF RCC ELEMENT OF SLAB WITH STARK STEEL (HYSD STEEL) A...A COMPARATIVE ANALYSIS OF RCC ELEMENT OF SLAB WITH STARK STEEL (HYSD STEEL) A...
A COMPARATIVE ANALYSIS OF RCC ELEMENT OF SLAB WITH STARK STEEL (HYSD STEEL) A...
 
Effect of Camber and Angles of Attack on Airfoil Characteristics
Effect of Camber and Angles of Attack on Airfoil CharacteristicsEffect of Camber and Angles of Attack on Airfoil Characteristics
Effect of Camber and Angles of Attack on Airfoil Characteristics
 
A Review on the Progress and Challenges of Aluminum-Based Metal Matrix Compos...
A Review on the Progress and Challenges of Aluminum-Based Metal Matrix Compos...A Review on the Progress and Challenges of Aluminum-Based Metal Matrix Compos...
A Review on the Progress and Challenges of Aluminum-Based Metal Matrix Compos...
 
Dynamic Urban Transit Optimization: A Graph Neural Network Approach for Real-...
Dynamic Urban Transit Optimization: A Graph Neural Network Approach for Real-...Dynamic Urban Transit Optimization: A Graph Neural Network Approach for Real-...
Dynamic Urban Transit Optimization: A Graph Neural Network Approach for Real-...
 
Structural Analysis and Design of Multi-Storey Symmetric and Asymmetric Shape...
Structural Analysis and Design of Multi-Storey Symmetric and Asymmetric Shape...Structural Analysis and Design of Multi-Storey Symmetric and Asymmetric Shape...
Structural Analysis and Design of Multi-Storey Symmetric and Asymmetric Shape...
 
A Review of “Seismic Response of RC Structures Having Plan and Vertical Irreg...
A Review of “Seismic Response of RC Structures Having Plan and Vertical Irreg...A Review of “Seismic Response of RC Structures Having Plan and Vertical Irreg...
A Review of “Seismic Response of RC Structures Having Plan and Vertical Irreg...
 
A REVIEW ON MACHINE LEARNING IN ADAS
A REVIEW ON MACHINE LEARNING IN ADASA REVIEW ON MACHINE LEARNING IN ADAS
A REVIEW ON MACHINE LEARNING IN ADAS
 
Long Term Trend Analysis of Precipitation and Temperature for Asosa district,...
Long Term Trend Analysis of Precipitation and Temperature for Asosa district,...Long Term Trend Analysis of Precipitation and Temperature for Asosa district,...
Long Term Trend Analysis of Precipitation and Temperature for Asosa district,...
 
P.E.B. Framed Structure Design and Analysis Using STAAD Pro
P.E.B. Framed Structure Design and Analysis Using STAAD ProP.E.B. Framed Structure Design and Analysis Using STAAD Pro
P.E.B. Framed Structure Design and Analysis Using STAAD Pro
 
A Review on Innovative Fiber Integration for Enhanced Reinforcement of Concre...
A Review on Innovative Fiber Integration for Enhanced Reinforcement of Concre...A Review on Innovative Fiber Integration for Enhanced Reinforcement of Concre...
A Review on Innovative Fiber Integration for Enhanced Reinforcement of Concre...
 
Survey Paper on Cloud-Based Secured Healthcare System
Survey Paper on Cloud-Based Secured Healthcare SystemSurvey Paper on Cloud-Based Secured Healthcare System
Survey Paper on Cloud-Based Secured Healthcare System
 
Review on studies and research on widening of existing concrete bridges
Review on studies and research on widening of existing concrete bridgesReview on studies and research on widening of existing concrete bridges
Review on studies and research on widening of existing concrete bridges
 
React based fullstack edtech web application
React based fullstack edtech web applicationReact based fullstack edtech web application
React based fullstack edtech web application
 
A Comprehensive Review of Integrating IoT and Blockchain Technologies in the ...
A Comprehensive Review of Integrating IoT and Blockchain Technologies in the ...A Comprehensive Review of Integrating IoT and Blockchain Technologies in the ...
A Comprehensive Review of Integrating IoT and Blockchain Technologies in the ...
 
A REVIEW ON THE PERFORMANCE OF COCONUT FIBRE REINFORCED CONCRETE.
A REVIEW ON THE PERFORMANCE OF COCONUT FIBRE REINFORCED CONCRETE.A REVIEW ON THE PERFORMANCE OF COCONUT FIBRE REINFORCED CONCRETE.
A REVIEW ON THE PERFORMANCE OF COCONUT FIBRE REINFORCED CONCRETE.
 
Optimizing Business Management Process Workflows: The Dynamic Influence of Mi...
Optimizing Business Management Process Workflows: The Dynamic Influence of Mi...Optimizing Business Management Process Workflows: The Dynamic Influence of Mi...
Optimizing Business Management Process Workflows: The Dynamic Influence of Mi...
 
Multistoried and Multi Bay Steel Building Frame by using Seismic Design
Multistoried and Multi Bay Steel Building Frame by using Seismic DesignMultistoried and Multi Bay Steel Building Frame by using Seismic Design
Multistoried and Multi Bay Steel Building Frame by using Seismic Design
 
Cost Optimization of Construction Using Plastic Waste as a Sustainable Constr...
Cost Optimization of Construction Using Plastic Waste as a Sustainable Constr...Cost Optimization of Construction Using Plastic Waste as a Sustainable Constr...
Cost Optimization of Construction Using Plastic Waste as a Sustainable Constr...
 

Recently uploaded

PPT on GRP pipes manufacturing and testing
PPT on GRP pipes manufacturing and testingPPT on GRP pipes manufacturing and testing
PPT on GRP pipes manufacturing and testing
anoopmanoharan2
 
spirit beverages ppt without graphics.pptx
spirit beverages ppt without graphics.pptxspirit beverages ppt without graphics.pptx
spirit beverages ppt without graphics.pptx
Madan Karki
 
CSM Cloud Service Management Presentarion
CSM Cloud Service Management PresentarionCSM Cloud Service Management Presentarion
CSM Cloud Service Management Presentarion
rpskprasana
 
New techniques for characterising damage in rock slopes.pdf
New techniques for characterising damage in rock slopes.pdfNew techniques for characterising damage in rock slopes.pdf
New techniques for characterising damage in rock slopes.pdf
wisnuprabawa3
 
Series of visio cisco devices Cisco_Icons.ppt
Series of visio cisco devices Cisco_Icons.pptSeries of visio cisco devices Cisco_Icons.ppt
Series of visio cisco devices Cisco_Icons.ppt
PauloRodrigues104553
 
Properties Railway Sleepers and Test.pptx
Properties Railway Sleepers and Test.pptxProperties Railway Sleepers and Test.pptx
Properties Railway Sleepers and Test.pptx
MDSABBIROJJAMANPAYEL
 
ACRP 4-09 Risk Assessment Method to Support Modification of Airfield Separat...
ACRP 4-09 Risk Assessment Method to Support Modification of Airfield Separat...ACRP 4-09 Risk Assessment Method to Support Modification of Airfield Separat...
ACRP 4-09 Risk Assessment Method to Support Modification of Airfield Separat...
Mukeshwaran Balu
 
A review on techniques and modelling methodologies used for checking electrom...
A review on techniques and modelling methodologies used for checking electrom...A review on techniques and modelling methodologies used for checking electrom...
A review on techniques and modelling methodologies used for checking electrom...
nooriasukmaningtyas
 
IEEE Aerospace and Electronic Systems Society as a Graduate Student Member
IEEE Aerospace and Electronic Systems Society as a Graduate Student MemberIEEE Aerospace and Electronic Systems Society as a Graduate Student Member
IEEE Aerospace and Electronic Systems Society as a Graduate Student Member
VICTOR MAESTRE RAMIREZ
 
Wearable antenna for antenna applications
Wearable antenna for antenna applicationsWearable antenna for antenna applications
Wearable antenna for antenna applications
Madhumitha Jayaram
 
Swimming pool mechanical components design.pptx
Swimming pool mechanical components design.pptxSwimming pool mechanical components design.pptx
Swimming pool mechanical components design.pptx
yokeleetan1
 
14 Template Contractual Notice - EOT Application
14 Template Contractual Notice - EOT Application14 Template Contractual Notice - EOT Application
14 Template Contractual Notice - EOT Application
SyedAbiiAzazi1
 
CHINA’S GEO-ECONOMIC OUTREACH IN CENTRAL ASIAN COUNTRIES AND FUTURE PROSPECT
CHINA’S GEO-ECONOMIC OUTREACH IN CENTRAL ASIAN COUNTRIES AND FUTURE PROSPECTCHINA’S GEO-ECONOMIC OUTREACH IN CENTRAL ASIAN COUNTRIES AND FUTURE PROSPECT
CHINA’S GEO-ECONOMIC OUTREACH IN CENTRAL ASIAN COUNTRIES AND FUTURE PROSPECT
jpsjournal1
 
Embedded machine learning-based road conditions and driving behavior monitoring
Embedded machine learning-based road conditions and driving behavior monitoringEmbedded machine learning-based road conditions and driving behavior monitoring
Embedded machine learning-based road conditions and driving behavior monitoring
IJECEIAES
 
Question paper of renewable energy sources
Question paper of renewable energy sourcesQuestion paper of renewable energy sources
Question paper of renewable energy sources
mahammadsalmanmech
 
132/33KV substation case study Presentation
132/33KV substation case study Presentation132/33KV substation case study Presentation
132/33KV substation case study Presentation
kandramariana6
 
digital fundamental by Thomas L.floydl.pdf
digital fundamental by Thomas L.floydl.pdfdigital fundamental by Thomas L.floydl.pdf
digital fundamental by Thomas L.floydl.pdf
drwaing
 
International Conference on NLP, Artificial Intelligence, Machine Learning an...
International Conference on NLP, Artificial Intelligence, Machine Learning an...International Conference on NLP, Artificial Intelligence, Machine Learning an...
International Conference on NLP, Artificial Intelligence, Machine Learning an...
gerogepatton
 
RAT: Retrieval Augmented Thoughts Elicit Context-Aware Reasoning in Long-Hori...
RAT: Retrieval Augmented Thoughts Elicit Context-Aware Reasoning in Long-Hori...RAT: Retrieval Augmented Thoughts Elicit Context-Aware Reasoning in Long-Hori...
RAT: Retrieval Augmented Thoughts Elicit Context-Aware Reasoning in Long-Hori...
thanhdowork
 
KuberTENes Birthday Bash Guadalajara - K8sGPT first impressions
KuberTENes Birthday Bash Guadalajara - K8sGPT first impressionsKuberTENes Birthday Bash Guadalajara - K8sGPT first impressions
KuberTENes Birthday Bash Guadalajara - K8sGPT first impressions
Victor Morales
 

Recently uploaded (20)

PPT on GRP pipes manufacturing and testing
PPT on GRP pipes manufacturing and testingPPT on GRP pipes manufacturing and testing
PPT on GRP pipes manufacturing and testing
 
spirit beverages ppt without graphics.pptx
spirit beverages ppt without graphics.pptxspirit beverages ppt without graphics.pptx
spirit beverages ppt without graphics.pptx
 
CSM Cloud Service Management Presentarion
CSM Cloud Service Management PresentarionCSM Cloud Service Management Presentarion
CSM Cloud Service Management Presentarion
 
New techniques for characterising damage in rock slopes.pdf
New techniques for characterising damage in rock slopes.pdfNew techniques for characterising damage in rock slopes.pdf
New techniques for characterising damage in rock slopes.pdf
 
Series of visio cisco devices Cisco_Icons.ppt
Series of visio cisco devices Cisco_Icons.pptSeries of visio cisco devices Cisco_Icons.ppt
Series of visio cisco devices Cisco_Icons.ppt
 
Properties Railway Sleepers and Test.pptx
Properties Railway Sleepers and Test.pptxProperties Railway Sleepers and Test.pptx
Properties Railway Sleepers and Test.pptx
 
ACRP 4-09 Risk Assessment Method to Support Modification of Airfield Separat...
ACRP 4-09 Risk Assessment Method to Support Modification of Airfield Separat...ACRP 4-09 Risk Assessment Method to Support Modification of Airfield Separat...
ACRP 4-09 Risk Assessment Method to Support Modification of Airfield Separat...
 
A review on techniques and modelling methodologies used for checking electrom...
A review on techniques and modelling methodologies used for checking electrom...A review on techniques and modelling methodologies used for checking electrom...
A review on techniques and modelling methodologies used for checking electrom...
 
IEEE Aerospace and Electronic Systems Society as a Graduate Student Member
IEEE Aerospace and Electronic Systems Society as a Graduate Student MemberIEEE Aerospace and Electronic Systems Society as a Graduate Student Member
IEEE Aerospace and Electronic Systems Society as a Graduate Student Member
 
Wearable antenna for antenna applications
Wearable antenna for antenna applicationsWearable antenna for antenna applications
Wearable antenna for antenna applications
 
Swimming pool mechanical components design.pptx
Swimming pool mechanical components design.pptxSwimming pool mechanical components design.pptx
Swimming pool mechanical components design.pptx
 
14 Template Contractual Notice - EOT Application
14 Template Contractual Notice - EOT Application14 Template Contractual Notice - EOT Application
14 Template Contractual Notice - EOT Application
 
CHINA’S GEO-ECONOMIC OUTREACH IN CENTRAL ASIAN COUNTRIES AND FUTURE PROSPECT
CHINA’S GEO-ECONOMIC OUTREACH IN CENTRAL ASIAN COUNTRIES AND FUTURE PROSPECTCHINA’S GEO-ECONOMIC OUTREACH IN CENTRAL ASIAN COUNTRIES AND FUTURE PROSPECT
CHINA’S GEO-ECONOMIC OUTREACH IN CENTRAL ASIAN COUNTRIES AND FUTURE PROSPECT
 
Embedded machine learning-based road conditions and driving behavior monitoring
Embedded machine learning-based road conditions and driving behavior monitoringEmbedded machine learning-based road conditions and driving behavior monitoring
Embedded machine learning-based road conditions and driving behavior monitoring
 
Question paper of renewable energy sources
Question paper of renewable energy sourcesQuestion paper of renewable energy sources
Question paper of renewable energy sources
 
132/33KV substation case study Presentation
132/33KV substation case study Presentation132/33KV substation case study Presentation
132/33KV substation case study Presentation
 
digital fundamental by Thomas L.floydl.pdf
digital fundamental by Thomas L.floydl.pdfdigital fundamental by Thomas L.floydl.pdf
digital fundamental by Thomas L.floydl.pdf
 
International Conference on NLP, Artificial Intelligence, Machine Learning an...
International Conference on NLP, Artificial Intelligence, Machine Learning an...International Conference on NLP, Artificial Intelligence, Machine Learning an...
International Conference on NLP, Artificial Intelligence, Machine Learning an...
 
RAT: Retrieval Augmented Thoughts Elicit Context-Aware Reasoning in Long-Hori...
RAT: Retrieval Augmented Thoughts Elicit Context-Aware Reasoning in Long-Hori...RAT: Retrieval Augmented Thoughts Elicit Context-Aware Reasoning in Long-Hori...
RAT: Retrieval Augmented Thoughts Elicit Context-Aware Reasoning in Long-Hori...
 
KuberTENes Birthday Bash Guadalajara - K8sGPT first impressions
KuberTENes Birthday Bash Guadalajara - K8sGPT first impressionsKuberTENes Birthday Bash Guadalajara - K8sGPT first impressions
KuberTENes Birthday Bash Guadalajara - K8sGPT first impressions
 

Phishing: Analysis and Countermeasures

  • 1. International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 10 Issue: 04 | Apr 2023 www.irjet.net p-ISSN: 2395-0072 © 2023, IRJET | Impact Factor value: 8.226 | ISO 9001:2008 Certified Journal | Page 75 Phishing: Analysis and Countermeasures Bhagyashree Ankush Alandkar & Bhakti Desai Student, M. Sc IT, Keraleeya Samajam (Regd.) Dombivli’s Model College, Maharashtra, India ---------------------------------------------------------------------***--------------------------------------------------------------------- Abstract – Without the internet, our daily lives are inconceivable. One of the most important forms of communication we use every day is email. We prefer to just use it regularly for business communications, but we also use it to stay in touch with our friends and family. Due of the significant significance that email plays in international communication and information sharing. Even so, security issues have accumulated. E-Mail phishing is the most significant drawback or hacker attack on email in today's world. The moment is right to secure information sent via mail, even on specific networks. Cybercriminalscreatethese emails to appear credible, which makes virtually millions of people throughout the world fall for them. The criminals don't have a specific victim in mind. Key Words: Phishing, attacks 1. INTRODUCTION Phishing is a type of email fraud in which the perpetrator sends out seemingly valid emails to target specific individuals in an effort to collect their personal andfinancial information. The communications typically look tooriginate from reputableandwell-knownwebsites. Thephisherplaces the lure in the hopes of fooling at least some of the prey that come into contact with it, just like the fishing trip it gets its name from. Phishers deceive their targets by employing a variety of social engineering techniques and email spoofing techniques. Due to the important functionthatemail playsin communication and information sharing on a worldwide scale. The safety issueshave evengottenworse.Themajority of the email servers used in the mail infrastructure on the internet are attacked. 2. HOW PHISHING ATTACKS WORKS We need to comprehend the justifications for hostile attacks in order to comprehend how they operate. There are two main purposes of a phishing assault. 1) To extract sensitive data, first These attacks employ techniques that compel the victims to reveal sensitive and private information. Hackers want the ability to break into a private or public network,steal money from someone, or use another person's credentials to carry out illegal activities. Checking account information isamong the clearly questionable data that hackers request from victims. 2) To infect the system with malware With such attacks, hackers also primarily aim to infect the victim's PC with malware or viruses. These emails include Microsoft Office zipped files. 3. STAGES OF PHISHING ATTACK It's crucial to first comprehend how phishing attacks operate in order to stop one in its tracks. Let's go over the stages of a typical phishing attack that are most common [1]: Figure 1 stages of phishing attack  Creating the fake website. To create spoof websites, the hacker steals real code and legitimate images from websites. According to some estimates, hackers create 1.5 million spoof websites each month. Due to the availability of affordable internet scraping tools, this is nowsimplerthanever.Hackersfrequentlycreate fake websites with well-known and reliable domain names. They are also recovering at their trade. Even experienced security personnel will struggle to identify fakes.  The phishing email's transmission. The hacker launches the associate degree email phishing scam after creating the fake website. These emails,whichare incredibly convincing, include content, images, and a link to the fake website. The victim is urged to open the link in the email with statementslike,"Youraccounthasbeenhijacked!" On a huge scale, this occurs. Every day, hackers send an estimated three billion phishing emails.
  • 2. International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 10 Issue: 04 | Apr 2023 www.irjet.net p-ISSN: 2395-0072 © 2023, IRJET | Impact Factor value: 8.226 | ISO 9001:2008 Certified Journal | Page 76 • Focusing the victim search After developing the bogus website, the hacker starts the associate's email phishing scheme. Theseemailscontaintext, graphics, and a link to the false website, and they are quite convincing. In the email, the victim is prompted to click the link and is told things like, "Your account has been hijacked!" This happens on an enormous scale. An estimated three billion phishing emails are sent out daily by hackers.  Taking the bait. If a hacker is persistent, a victim will eventually fall for the lure. A silentattack willclaim thousands oflives.Thevictim's financial assets, such as credit cards, bank accounts, or legal documents, may occasionally need to be taken. Others want to gather as many credentials as they can to sell online. 4. PHISHING SCAMS TO AVOID • Spear Phishing Attacks Many different types of tailored phishing are referred to as spear phishing. With spear-phishing assaults, the hacker tries to learn as much as they can about you, including your name, company, position,andphonenumber.Theythentake advantage of this knowledge by pretending to be someone you know and trust in order to persuade you to comply with the attacker's demands. Example: Because Amazon is so widely known, all cybercriminals don't have to put up a lot of effort to deceive their customers; the bulk of phishing attempts are generic. A clever spear phishing assault in 2015 tricked several customers into installing ransomware. Users who had recently placed an order with theWorldHealthOrganization received an email from the con artists. • Whaling Whaling is a type of phishing assault that targets people in positions of authority within a large corporation. This often denotes a senior management with access to or knowledge of sensitive firm information, such as a chief executive officer, business executive, or another senior manager. The fact that the targets are the "big fishes" in the phishing pool is what is meant by the phrase "whaling." Whaling attacks are frequently very carefully planned and aim to obtain important company information for the phisher's benefit. Attacks against whales are often planned out over a long period of time, and they are highly tailored and elaborate. Example: The co-founder of Australian hedge fund Levitas Capital clicked on a fake Zoom link in the month of 2020. • Pharming Other methods of manipulating targets on the internet include phishing and pharmacy fraud. Phishing is a technique used to trick a victim into giving theirinformation to a fake website. Pharming involves changing DNS information, so when a person types in an online address, they will likely be forwarded to the wrong website. This means that the DNS server responsible for converting the website address into the address for crucial information processing will need to be adjusted, and website traffic will also be diverted to another site. Due to flaws in the DNS server package, pharming attacks can happen and are frequently difficult to detect. The simplest way to identify a potential pharming assault is to raise the alarm if a common web. • Spoofing Spoofing is the act of a gouger acting as someone else in order to persuade the target totakea particularaction.Many phishing attempts consequently make use of spoofing; a phisher could pose as a member of your IT department and urge you to visit a website and confirm your laptop login information. As a result, this website is a fake, and the phisher has obtained access to your login information without your knowledge. However, not all spoofing assaults are actually phishing; some phishers utilise spoofing as a means of manipulation. A spoofing attack might involve a hacker posing as a coworker and asking you to send a file, but the file is actually a trojan. • Vishing Vishing is the telephone equivalent ofphishing,inwhich the targets are chosen by the con artists in order to obtain information. Vishers pose as a respectable organisation and harass you for your personal information by using various forms of persuasion or "social engineering." Be extremely careful when disclosing any sensitive information over the phone, especially if the number is restricted or you are unfamiliar with the area code or number. If at all possible, ask for the amount you can decide back and verifyitwiththe source they say they are, or decide the party's customer service and ask if they need to get in touch with you. Example: In this attack, a link will cause a page to open alerting you that a problem has been found with your computer and that you should choose a support option to resolve it. The offender may also decide to inform the victim that assistance is being sought for them due to a tool failure. This is a common tactic. A price is assessed at the end of the service for fixing a tangle that didn't initially exist [7].
  • 3. International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 10 Issue: 04 | Apr 2023 www.irjet.net p-ISSN: 2395-0072 © 2023, IRJET | Impact Factor value: 8.226 | ISO 9001:2008 Certified Journal | Page 77 5. PHISHING ATTACKS: WARNING SIGNS A phishing website (also known as a faked website) often makes an effort to appear at least somewhat trustworthy. It will be designed to look like an authentic, already-existing website, imitating sites for your banks or healthcare facilities, for example. The website is designed for you to disclose your login information or other personal information. You might get an email or text message with a link to the current website, but you could also accidentally type in the wrong URL or use the wrong search term to land on the page. The main concern is then to be wary about the sender of the email or instant message and make sure you know who sent it, or that the sender is someone you trust.  Email from unacquainted Sender There are several things you might consider when you receive an email to determine whether you might be the victim of a phishing assault. Look at the email sender's information first. The phishing attempt can come from a suspicious-looking email that youhaveneverseenbefore. As luck would have it, there are forums and online tools that can help you determine whether or not the source is trustworthy if you have any questions. Simply copy the sender's email and search for terms like "phishing attempt," "hacking," or "scam" on Google. You may be able to tell that the email is from a cybercriminal if others have reported it. However, there is a problem with this technique because phishers are quite aware of the forums and frequently and easily change their emails. Additionally, they would utilise these support forums as a way to legitimise their own fraud by giving themselves positive evaluations and insisting that the email offer was genuine [8].  Sender’s Email looks Off The phishing attempt may come from a business that appears to be fully trustworthy and legitimatebutisactually not from the firm it purports to be. For example, if you search for a Sanket bank and see that they are using their logo, you might assume the email iscomingfroma legitimate source without realising that it could be that Sanket's email has been hacked or that a different email has been created that matches Sanket's email but isn't the right email type.  Writing Tone Is Odd Another major cautionary sign is when the email address looks familiar but thecontentorpresentationseems strange. If the email contains grammatical or spelling mistakes that your contact is unlikely to make or does not frequently make, it's possible that the sender is actually a phisher. As phishingscamsbecomemoresophisticated,their language and design may also be well-thought-out and appear to be extremely trustworthy. Yet people often have a really certain style and elegance of communicating, and you seem to be drawn to it, either consciously or unconsciously. If an email seems "fishy," you may have unconsciously noticed that the sender is using language and a style that are not typical of them. Follow your gut, and if something seems strange, look into the email before you answer.  Greeting Oddly Generic In order to trick you, phishingcriminalssendouta tonne of generic emails that start with "Dear Customer" and refer to "Your Business" or "Your Bank." This is frequently especially concerning if the email appearstobecomingfrom someone who should have a lot of information about you, such as a partner you have met beforeorsomeonefromyour company [8]. 6. PHISHING EMAIL EXAMPLES TO LEARN FROM 1) An example of a phishing email with a suspicious email address. 2) An example of a phishing email where the con artist promises financial rewards. Sample of a phishing email asking you to confirm your account information. 4) An illustration of a phishing email with fake financial documents. 5) A phishing email that purports to be from an employee of your company. 6) A phishing email illustration requesting a payment confirmation. 7) Voicemail scam examples using phishing emails. Account Deactivation (No. 8) 9) Fraudulent Credit Card 10) Transmit Money 11)Social media Request No. 7. HOW TO DEFEND AGAINST PHISHING EMAILS Remember these 5 principles for creating a culture of cyber security awareness when constructing a defence against phishing emails:
  • 4. International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 10 Issue: 04 | Apr 2023 www.irjet.net p-ISSN: 2395-0072 © 2023, IRJET | Impact Factor value: 8.226 | ISO 9001:2008 Certified Journal | Page 78 Figure 2. How to defend against phishing emails • Educate: To coach, train, and change behaviour, use phishing microlearning and security awareness coaching. • Monitor: Check employee information using phishing simulation tools to see if an agency is at risk of a cyber- attack. • Communicate: Provide up-to-date communications and campaigns about social engineering, cyber security, and phishing emails. • Integrate: Make project management, training, support, and awareness campaigns for cyber security a part of your business culture. You need defence against phishing email attacks. The same sentiment also applies to your coworkers, organisation, friends, and family. Everyone ought to be able to safeguard their info. Making the most of cyber security awareness is the greatest way to do this. 8. THE FREQUENCY OF PHISHING ATTACKS Every year, phishing becomes more prevalent and poses a significant hazard. According to a 2021 Tessian analysis, the average number of phishing emailsreceivedbyemployeesis 14. Certain industrieswereparticularlyhardimpacted;retail workers received a median salary of $49. The majority of the email-based attacks between May and August 2021, according toESET's2021analysis,were partof phishing campaigns. IBM's 2021 analysis corroborated this trend by noting a two-point increase in phishing attacks between 2019 and 2020, which was partially fueled by COVID-19 and supply chain uncertainty. According to CISCO's report on cybersecurity threat patterns for 2021, at least one employee of about 86 firms clicked on a phishing link. According to the company's knowledge, phishing accounts for over 90 percent of data breaches. Phishing attacks increased by 52 percent in December, according to CISCO, who discovered that the activity tends to peak around holiday times. According to the results of a global poll, 83 percent of IT departments at Indian companies predicted a rise in the number of phishing emails aimed at their employees in 2020. One of the reasons for its effectiveness is its capacity to continuously evolve and diversify, trade offences to contemporary issues or concerns, such as thepandemic,and capitalise on people's emotions and trust "Urban Center Wisniewski, the head of analysis at Sophos, said as much. Phishing is frequently the first phase in a very intricate, multi-phase attack. According to Sophos quick Response, hackers frequently use phishing emails to coerce users into installing malware or disclosing login information for the workplace network "A second Wisniewski. Also, the results show that there is no universal agreement on what is meant by"phishing."Asanillustration, 67 percent of IT organisations in India equate phishing with emails that falsely purport to be from a genuine company and that frequently include a threat or a requestforpersonal information. Sixty-one percent of respondents think that Business Email Compromise (BEC) attacks arephishing,and fifty percent of respondents think that threadjacking— where attackers inject themselves into a legitimate email thread as part of an attack—is phishing. The good news is that almost all Indian businesses (98%) have implemented cybersecurity education campaigns to thwart phishing. Respondents reported using phishing simulations (51%), computer-based coaching programmes (67%), and human-led coaching programmes (60%). According to the poll, four-fifths of Indian firms gauge the success of their awareness campaign by the number of IT tickets related to phishing, which is followed by user coverage of phishing emails (at 77%) and phishing email clickthrough rates (at 60%). Every firm surveyed in the city, Hyderabad, and metropolis (100%) felt it is necessary to have cybersecurity awareness initiatives in place. When ninety-seven states had such programmes, Chennai was next, putting Bengaluru and the city at ninety-six each. 9. CONCLUSION Phishing attacks continue to be a major concern to both individuals and businesses today. This can be primarily caused by human engagement in the phishing cycle, as the paper points out. Phishers typically target human weaknesses in addition to favourable technology situations
  • 5. International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 10 Issue: 04 | Apr 2023 www.irjet.net p-ISSN: 2395-0072 © 2023, IRJET | Impact Factor value: 8.226 | ISO 9001:2008 Certified Journal | Page 79 (i.e., technical vulnerabilities). It is well established that a variety of factors, including age, gender, internet addiction, user stress, and many others, can affect a person's susceptibility to phishing. In addition to more recent phishing mediums like voice and SMS phishing, more traditional phishing channels like email and the web arestill in use. Concomitantly, phishing has developed on the far side getting sensitive data and monetary crimes to cyber coercion, hacktivism, damaging reputations, espionage, and nation-state attacks. analysis has been conductedtospotthe motivations and techniques and countermeasures to those new crimes, however, there's no single answer for the phishing drawback because of the heterogeneous nature of the attack vector. The challenges caused by phishing have been examined in this book, and a new anatomy that outlines the entire life cycle of phishing attempts has been planned. This associate deprecatory offers a broaderperspectiveonphishingattacks and a correct definition that covers the attack's realisation and end-to-end exclusion. Although the best defence against phishing is human education, the sophistication of the assaults and social engineering components make it difficult to completely eliminate the threat. Developing affordable anti-phishing strategies that prevent users from being exposed to the attack is a critical step in minimising these attacks, even though ongoing security awareness training is the key to avoiding phishing attacks and to reduce their impact. This text concluded by mentioning the significance of creating anti-phishing techniques that recognise and stop the attack. Also, the significance of methods to identify thesourceofthe assault may provide a stronger anti-phishing solution, as discussed in this article. 10. ACKNOWLEGEMENT I am incredibly humbled and grateful to express my gratitude to everyone who has helped me put these ideas into one concrete item, way above the level of their simplicity. I want to specifically thank Assistant Professor Jyoti Samel for giving me the chance to conduct this excellent research on the subject of "Phishing: An Open Threat to Everyone." Her support allowed me to conduct a lot of research and learn a lot of new information. I sincerely appreciateher. My sincere gratitude is extended to our research paper advisor for her insightful and timely counsel throughout the many research phases. Without the support and guidance of my parents and friends, no attempt at any level can be satisfactorily completed. Despite their busy schedules, they gave me different ideas for how to make this project unique. They helped me gather a variety of information, aggregate it, and guide me periodically in making this paper. 11. REFERENCES [1] Phishing attack on the rise by APN News, Saturday, March, 2022 [2] Spear phishing examples by Phish Protection [3] What is Whaling? Whaling Email Attacks Explained by Tessian, 11 August 2021 [4] What is a Spoofing Attack? The 5 Examples You Need to Know by SoftwareLab.org [5] Vishing Attack by INCOGNIA [6] Phishing attacks warning signs by David Zamerman, Feb 26, 2022