This paper proposes a phishing detection technique based on the difference between the target and actual identities of a webpage. The proposed phishing detection approach, called PhishWHO, can be divided into three phases. The first phase extracts identity keywords from the textual contents of the website, where a novel weighted URL tokens system based on the N-gram model is proposed. The secon...

Phishing risk is a growing area of concern for corporations, governments, and individuals. Given the evidence that users vary widely in their vulnerability to phishing attacks, we demonstrate an approach for assessing the benefits and costs of interventions that target the most vulnerable users. Our approach uses Monte Carlo simulation to (1) identify which users were most vulnerable, in signal...

Phishing attacks pose a serious threat to end-users and commercial institutions alike. Majority of the present day phishing attacks employ e-mail as their primary carrier, in order to allure unsuspecting victims to visit the masqueraded website. While the recent defense mechanisms focus on detection by validating the authenticity of the website, very few approaches have been proposed which conc...

A victim of phishing emails could be subjected to money loss and identity theft. This paper investigates the different types of phishing email victims, with the goal of increasing such victims’ defences. To obtain this kind of information, an experiment which involves sending a phishing email to participants is conducted. Quantitative and qualitative methods are also used to collect users’ info...

The large-scale deployment of modern phishing attacks relies on the automatic exploitation of vulnerable websites in the wild, to maximize profit while hindering attack traceability, detection and blacklisting. To the best of our knowledge, this is the first work that specifically leverages this adversarial behavior for detection purposes. We show that phishing webpages can be accurately detect...

We discuss a classification-based approach for filtering phishing messages in an e-mail stream. Upon arrival, various features of every e-mail are extracted. This forms the basis of a classification process which detects potentially harmful phishing messages. We introduce various new features for identifying phishing e-mail and rank established as well as newly introduced features according to ...

Nowadays Online transactions are become very common and there are various attacks occur behind this. In these types of various attacks, phishing is very common attack. For detecting this attack various anti-phishing mechanisms are used. Propose a new authentication scheme for se-cure OTP distribution in phishing website detection through EVC and QR codes. The Website Detection using extended vi...