One significant trend in online user authentication is using Web Single Sign-On (SSO) systems. Especially, open Web SSO standards such as OpenID and OAuth are rapidly gaining adoption on the Web, and they enable over one billion user accounts. However, the largescale threat from phishing attacks to real-worldWeb SSO systems has been significantly underestimated and insufficiently analyzed. In t...

Article history: Received 4 August 2007 Received in revised form 24 January 2008 Accepted 5 March 2008 Available online 13 March 2008 Phishing has enormous impacts on the financial industry. This research aims to investigate antiphishing preparedness of banks in Hong Kong. Web sites of registered Hong Kong banks are analyzed. Information related to phishing and anti-phishing measures adopted by...

Phishing attacks were responsible for $3.2 billion dollars in losses during 2007 and the number of attacks is increasing daily. According to the United States Computer Emergency Readiness Team, phishing was the top security threat during the first quarter of 2007, comprising 48% of all reported incidents. The purpose of this study was to identify the level of student awareness related to specif...

Phishing has become a substantial threat for internet users and a major cause of financial losses. In these attacks the cybercriminals carry out user credential information and users can fall victim. The current solution against phishing attacks are not sufficient to detect and work against novel phishes. This paper presents a systematic review of the previous and current research waves done on...

Phishing is a new type of network attack where the attacker creates a replica of an existing web page to fool users in to submitting personal, financial, or password data to what they think is their service provider‟s website. The concept is an end-host based anti-phishing algorithm, called the Link Guard, by utilizing the generic characteristics of the hyperlinks in phishing attacks. The link ...

Phishing is a web-based attack that uses social engineering techniques to exploit Internet users and acquire sensitive data. Most phishing attacks work by creating a fake version of the real site’s web interface to gain the user’s trust. Despite the fact that these phishing sites look identical or nearly identical to the real sites they imitate, user studies have shown that users ignore browser...

Internet technology is so pervasive today, for example, from online social networking to online banking, it has made people’s lives more comfortable. Due the growth of Internet technology, security threats to systems and networks are relentlessly inventive. One such a serious threat is “phishing”, in which, attackers attempt to steal the user’s credentials using fake emails or websites or both....

OBJECTIVE We use signal detection theory to measure vulnerability to phishing attacks, including variation in performance across task conditions. BACKGROUND Phishing attacks are difficult to prevent with technology alone, as long as technology is operated by people. Those responsible for managing security risks must understand user decision making in order to create and evaluate potential sol...