A literature survey on social engineering attacks: Phishing attack

Phishing is a network type attack where the attacker creates the fake of an existing webpage to fool an online user into elicit personal Information. The prime objective of this review is to do literature survey on social engineering attack: Phishing attack and techniques to detect attack. Phishing is the combination of social engineering and technical methods to convince the user to reveal their personal data. The paper discusses about the Phishing social engineering attack theoretically and their issues in the life of human Beings. Phishing is typically carried out by Email spoofing or instant messaging. It targets the user who has no knowledge about social engineering attacks, and internet security, like persons who do not take care of privacy of their accounts details such as Facebook, Gmail, credit banks accounts and other financial accounts. The paper discusses various types of Phishing attacks such as Tab-napping, spoofing emails, Trojan horse, hacking and how to prevent them. At the same time this paper also provides different techniques to detect these attacks so that they can be easily dealt with in case one of them occurs. The paper gives a thorough analysis of various Phishing attacks along with their advantages and disadvantages.

[1]  Chuanxiong Guo,et al.  Online Detection and Prevention of Phishing Attacks , 2006, 2006 First International Conference on Communications and Networking in China.

[2]  Christopher Hunt,et al.  Notes on the OpenSURF Library , 2009 .

[3]  Christopher Hadnagy,et al.  Social Engineering: The Art of Human Hacking , 2010 .

[4]  Hein S. Venter,et al.  Social engineering attack detection model: SEADM , 2010, 2010 Information Security for South Africa.

[5]  Masakatsu Nishigaki,et al.  A Study of Prevention for Social Engineering Attacks Using Real/Fake Organization's Uniforms: Application of Radio and Intra-Body Communication Technologies , 2011, 2011 Sixth International Conference on Availability, Reliability and Security.

[6]  Christian H. Sanabria,et al.  Social Network Security Issues : Social Engineering and Phishing Attacks , 2012 .

[7]  U. Vidya Sagar,et al.  Intelligent Phishing Website Detection and Prevention System by Using Link Guard Algorithm , 2013 .

[8]  Dhananjay Kulkarni,et al.  A Steganography-based framework to prevent active attacks during user authentication , 2013, 2013 8th International Conference on Computer Science & Education.

[9]  Hein S. Venter,et al.  Social engineering attack framework , 2014, 2014 Information Security for South Africa.

[10]  Hein S. Venter,et al.  Towards an Ontological Model Defining the Social Engineering Domain , 2014, HCC.

[11]  Yongchen Li,et al.  An efficient image matching method using Speed Up Robust Features , 2014, 2014 IEEE International Conference on Mechatronics and Automation.

[12]  Syed Taqi Ali,et al.  A Computer Vision Technique to Detect Phishing Attacks , 2015, 2015 Fifth International Conference on Communication Systems and Network Technologies.

[13]  XIV , 2018, Out of the Shadow.