Abstract
Phishing is a form of online identity theft in which the attacker attempts to fraudulently retrieve a legitimate user's account information, logon credentials or identity information in general. The compromised information is then used for withdrawing money online, taking out cash advances, or making purchases of goods and services on the accounts. Various solutions have been proposed and developed in response to phishing. As phishing is a business problem, the solutions target both non-technical and technical areas. This paper investigates the current anti-phishing solutions and critically reviews their usage, security weaknesses and their effectiveness. The analysis of these models points to a conclusion that technology alone will not completely stop phishing. What is necessary is a multi-tiered, organised approach: user awareness, technical and non-technical solutions should work together.
Original language | English |
---|---|
DOIs | |
Publication status | Published - 2008 |
Externally published | Yes |
Event | International Conference on Internet Technology and Secured Transactions (ICITST 2008) - Dublin, Ireland Duration: 23 Jun 2008 → 28 Jun 2008 |
Conference
Conference | International Conference on Internet Technology and Secured Transactions (ICITST 2008) |
---|---|
Country/Territory | Ireland |
City | Dublin |
Period | 23/06/08 → 28/06/08 |
Keywords
- phishing
- online identity theft
- account information
- logon credentials
- identity information
- security weaknesses
- user awareness
- technical solutions
- non-technical solutions