Tutorial and Critical Analysis of Phishing Websites Methods

The Internet has become an essential component of our everyday social and financial activities. Internet is not important for individual users only but also for organizations, because organizations that offer online trading can achieve a competitive edge by serving worldwide clients. Internet facilitates reaching customers all over the globe without any market place restrictions and with effective use of e-commerce. As a result, the number of customers who rely on the Internet to perform procurements is increasing dramatically. Hundreds of millions of dollars are transferred through the Internet every day. This amount of money was tempting the fraudsters to carry out their fraudulent operations. Hence, Internet users may be vulnerable to different types of web threats, which may cause financial damages, identity theft, loss of private information, brand reputation damage and loss of customers’ confidence in e-commerce and online banking. Therefore, suitability of the Internet for commercial transactions becomes doubtful. Phishing is considered a form of web threats that is defined as the art of impersonating a website of an honest enterprise aiming to obtain user’s confidential credentials such as usernames, passwords and social security numbers. In this article, the phishing phenomena will be discussed in detail. In addition, we present a survey of the state of the art research on such attack. Moreover, we aim to recognize the up-to-date developments in phishing and its precautionary measures and provide a comprehensive study and evaluation of these researches to realize the gap that is still predominating in this area. This research will mostly focus on the web based phishing detection methods rather than email based detection methods

Detecting Abnormal Social Robot Behavior through Emotion Recognition

Sharing characteristics with both the Internet of Things and the Cyber Physical Systems categories, a new type of device has arrived to claim a third category and raise its very own privacy concerns. Social robots are in the market asking consumers to become part of their daily routine and interactions. Ranging in the level and method of communication with the users, all social robots are able to collect, share and analyze a great variety and large volume of personal data.In this thesis, we focus the community’s attention to this emerging area of interest for privacy and security research. We discuss the likely privacy issues, comment on current defense mechanisms that are applicable to this new category of devices, outline new forms of attack that are made possible through social robots, highlight paths that research on consumer perceptions could follow, and propose a system for detecting abnormal social robot behavior based on emotion detection

Awareness and perception of phishing variants from Policing, Computing and Criminology students in Canterbury Christ Church University

This study focuses on gauging awareness of different phishing communication students in the School of Law, Policing and Social Sciences and the School of Engineering, Technology and Design in Canterbury Christ Church University and their perception of different phishing variants. There is an exploration of the underlying factors in which students fall victim to different types of phishing attacks from questionnaires and a focus group. The students’ perception of different types of phishing variants was varied from the focus group and anonymised questionnaires. A total of 177 respondents participated in anonymised questionnaires in the study. Students were asked a mixture of scenario-based questions on different phishing attacks, their awareness levels of security tools that can be used against some phishing variants, and if they received any phishing emails in the past. Additionally, 6 computing students in a focus group discussed different types of phishing attacks and recommended potential security countermeasures against them. The vulnerabilities and issues of anti-phishing software, firewalls, and internet browsers that have security toolbars are explained in the study against different types of phishing attacks. The focus group was with computing students and their knowledge about certain phishing variants was limited. The discussion within the focus group was gauging the computing students' understanding and awareness of phishing variants. The questionnaire data collection sample was with first year criminology and final year policing students which may have influenced the results of the questionnaire in terms of their understanding, security countermeasures, and how they identify certain phishing variants. The anonymised questionnaire awareness levels on different types of phishing fluctuated in terms of lack of awareness on certain phishing variants. Some criminology and policing students either did not know about phishing variants or had limited knowledge about different types of phishing communication, security countermeasures, the identifying features of a phishing message, and the precautions they should take against phishing variants from fraudsters

An Analysis of Faculty and Staff\u27s Identification of Malware Threats

This document presents findings related to faculty and staff member’s ability to identify malware threats. This study involved discovering the most common incidents of malware threats to higher education systems. From this research, eight categories of malware were identified to be the most common threats to higher education systems. This document also describes the impact of malware intrusions on higher education systems to emphasis the importance of recognizing malware threats. Faculty and staff members at a midsize southeastern university were presented with realistic scenarios to determine the ability to identify malware threats. The results indicate malware categories such as virus, Trojan, browser hijacker, adware, and ransomware were identifiable by faculty and staff. Additionally, the findings demonstrate malware threats in the worm, spyware, and rootkit categories were difficult for faculty and staff members to identify. A recommendation for educating faculty and staff members to better identify malware threats in the less identified categories was proposed to help mitigate future malware intrusions. Future recommendations include investigating new types of malware risks and students’ awareness, or recognition of malware threats and solutions for mitigating these risks