Phishing Attacks: A Challenge Ahead

Publication Type:

Journal Article


Information & Security: An International Journal, Volume 26, Issue 1, p.12-26 (2011)


Browser Indicators, Cookies, Dynamic Identity, Password Authentication, Phishing


<p>Password based authentication is used in online web applications due to its simplicity and convenience. Main advantage of passwords is that users can memorize them easily without needing any hardware to store them. Efficient password based authentication schemes are required to authenticate legitimacy of remote users or data origin authentication over an insecure communication channel. Password based authentication schemes are highly susceptible to phishing attacks. The phishing attacks are becoming more and more sophisticated and therefore require strong countermeasures. It is important to detect the phishing sites early because most of them are short-lived and cause the damage in the short time span between going online and vanishing. Phishing is doing direct damage to the financial industry and is also affecting the expansion of e-commerce. In this paper, we present the survey of different anti-phishing techniques based on several crucial criteria. This study will help in developing different password based anti-phishing authentication techniques for web applications. Financial transactions in web applications require highly secure authentication protocols. Phishing is the biggest problem financial organizations are facing to provide online transaction services. Most threatening phishing attacks require countermeasures to make online transactions reliable and secure.</p>