Phishing: Analysis and Countermeasures

Phishing: Analysis and Countermeasures

Abstract – Without the internet, our daily lives are inconceivable. One of the most important forms of communicationweuseeverydayisemail.Weprefertojust use it regularly for business communications, but we also useittostayintouchwithourfriendsandfamily.Dueofthe significant significance that email plays in international communicationandinformationsharing.Evenso,security issues have accumulated. E-Mail phishing is the most significant drawback or hacker attack on email in today's world.Themomentisrighttosecureinformationsentvia mail,evenonspecificnetworks.Cybercriminalscreatethese emailstoappearcredible,whichmakesvirtuallymillionsof people throughout the world fall for them. The criminals don'thaveaspecificvictiminmind.

Key Words: Phishing,attacks

1. INTRODUCTION

Phishingisatypeofemailfraudinwhichtheperpetrator sends out seemingly valid emails to target specific individualsinanefforttocollecttheirpersonalandfinancial information.Thecommunicationstypicallylooktooriginate fromreputableandwell-knownwebsites.Thephisherplaces thelureinthehopesoffoolingatleastsomeofthepreythat comeintocontactwithit,justlikethefishingtripitgetsits name from. Phishers deceive their targets by employing a varietyofsocialengineeringtechniquesandemailspoofing techniques.Duetotheimportantfunctionthatemailplaysin communication and information sharing on a worldwide scale.Thesafetyissueshaveevengottenworse.Themajority oftheemailserversusedinthemailinfrastructureonthe internetareattacked.

2. HOW PHISHING ATTACKS WORKS

Weneedtocomprehendthejustificationsforhostileattacks in order to comprehend how they operate. There are two mainpurposesofaphishingassault.

1) Toextractsensitivedata,first

Theseattacksemploytechniquesthatcompelthevictimsto revealsensitiveandprivateinformation.Hackerswantthe abilitytobreakintoaprivateorpublicnetwork,stealmoney fromsomeone,oruseanotherperson'scredentialstocarry outillegalactivities.Checkingaccountinformationisamong the clearly questionable data that hackers request from victims.

2)Toinfectthesystemwithmalware

Withsuchattacks,hackersalsoprimarilyaimtoinfectthe victim'sPCwithmalwareorviruses.Theseemailsinclude MicrosoftOfficezippedfiles

3. STAGES OF PHISHING ATTACK

It's crucial to first comprehend how phishing attacks operateinordertostoponeinitstracks.Let'sgooverthe stages of a typical phishing attack that are most common [1]:

Figure1stagesofphishingattack

 Creatingthefakewebsite.

Tocreatespoofwebsites,thehackerstealsrealcodeand legitimate images from websites. According to some estimates, hackers create 1.5 million spoof websites each month.Duetotheavailabilityofaffordableinternetscraping tools,thisisnowsimplerthanever.Hackersfrequentlycreate fakewebsiteswithwell-knownandreliabledomainnames. They are also recovering at their trade. Even experienced securitypersonnelwillstruggletoidentifyfakes.

 Thephishingemail'stransmission.

Thehackerlaunchestheassociatedegreeemailphishing scamaftercreatingthefakewebsite.Theseemails,whichare incrediblyconvincing,includecontent,images,andalinkto thefakewebsite.Thevictimisurgedtoopenthelinkinthe emailwithstatementslike,"Youraccounthasbeenhijacked!" On a huge scale, this occurs. Every day, hackers send an estimatedthreebillionphishingemails.

•Focusingthevictimsearch

After developing the bogus website, the hacker starts the associate'semailphishingscheme.Theseemailscontaintext, graphics,andalinktothefalsewebsite,andtheyarequite convincing.Intheemail,thevictimispromptedtoclickthe linkandistoldthingslike,"Youraccounthasbeenhijacked!" This happens on an enormous scale. An estimated three billionphishingemailsaresentoutdailybyhackers.



Takingthebait.

Ifahackerispersistent,avictimwilleventuallyfallforthe lure.Asilentattackwillclaimthousandsoflives.Thevictim's financialassets,suchascreditcards,bankaccounts,orlegal documents,mayoccasionallyneedtobetaken.Otherswant togatherasmanycredentialsastheycantosellonline.

4. PHISHING SCAMS TO AVOID

•

SpearPhishingAttacks

Manydifferenttypesoftailoredphishingarereferredto asspearphishing.Withspear-phishingassaults,thehacker triestolearnasmuchastheycanaboutyou,includingyour name,company,position,andphonenumber.Theythentake advantageofthisknowledgebypretendingtobesomeone youknowandtrustinordertopersuadeyoutocomplywith theattacker'sdemands.

Example: Because Amazon is so widely known, all cybercriminalsdon'thavetoputupalotofefforttodeceive theircustomers;thebulkofphishingattemptsaregeneric.

A clever spear phishing assault in 2015 tricked several customers into installing ransomware. Users who had recentlyplacedanorderwiththeWorldHealthOrganization receivedanemailfromtheconartists.

• Whaling

Whalingisatypeofphishingassaultthattargetspeople in positions of authority within a large corporation. This often denotes a senior management with access to or knowledge of sensitive firm information, such as a chief executive officer, business executive, or another senior manager.Thefactthatthetargetsarethe"bigfishes"inthe phishing pool is what is meant by the phrase "whaling." Whalingattacksarefrequentlyverycarefullyplannedand aim to obtain important company information for the phisher'sbenefit.Attacksagainstwhalesareoftenplanned outoveralongperiodoftime,andtheyarehighlytailored andelaborate.

Example:Theco-founderofAustralianhedgefundLevitas CapitalclickedonafakeZoomlinkinthemonthof2020.

• Pharming

Othermethodsofmanipulatingtargetsontheinternet include phishing and pharmacy fraud. Phishing is a techniqueusedtotrickavictimintogivingtheirinformation to a fake website. Pharming involves changing DNS information,sowhenapersontypesinanonlineaddress, they will likely be forwarded to the wrong website. This means that the DNS server responsible for converting the website address into the address for crucial information processingwillneedtobeadjusted,andwebsitetrafficwill also be diverted to another site. Due to flaws in the DNS server package, pharming attacks can happen and are frequentlydifficulttodetect.Thesimplestwaytoidentifya potentialpharmingassaultistoraisethealarmifacommon web.

• Spoofing

Spoofingistheactofagougeractingassomeoneelsein ordertopersuadethetargettotakeaparticularaction.Many phishing attempts consequently make use of spoofing; a phishercouldposeasamemberofyourITdepartmentand urge you to visit a website and confirm your laptop login information. As a result, this website is a fake, and the phisher has obtained access to your login information withoutyourknowledge.However,notallspoofingassaults are actually phishing; some phishers utilise spoofing as a means of manipulation. A spoofing attack might involve a hackerposingasacoworkerandaskingyoutosendafile, butthefileisactuallyatrojan.

• Vishing

Vishingisthetelephoneequivalentofphishing,inwhich thetargetsarechosenbytheconartistsinordertoobtain information.Vishersposeasarespectableorganisationand harassyouforyourpersonalinformationbyusingvarious forms of persuasion or "social engineering." Be extremely carefulwhendisclosinganysensitiveinformationoverthe phone, especially if the number is restricted or you are unfamiliarwiththeareacodeornumber.Ifatallpossible, askfortheamountyoucandecidebackandverifyitwiththe source they say they are, or decide the party's customer serviceandaskiftheyneedtogetintouchwithyou.

Example: In this attack, a link will cause a page to open alerting you that a problem has been found with your computerand thatyou shouldchoosea support option to resolveit.Theoffendermayalsodecidetoinformthevictim thatassistanceisbeingsoughtforthemduetoatoolfailure. Thisisacommontactic.Apriceisassessedattheendofthe serviceforfixingatanglethatdidn'tinitiallyexist[7].

5. PHISHING ATTACKS: WARNING SIGNS

A phishing website (also known as a faked website) often makesanefforttoappearatleastsomewhattrustworthy.It willbedesignedtolooklikeanauthentic,already-existing website, imitating sites for your banks or healthcare facilities, for example. The website is designed for you to disclose your login information or other personal information.Youmightgetanemailortextmessagewitha linktothecurrentwebsite,butyoucouldalsoaccidentally typeinthewrongURLorusethewrongsearchtermtoland onthepage.Themainconcernisthentobewaryaboutthe senderoftheemailorinstantmessageandmakesureyou knowwhosentit,orthatthesenderissomeoneyoutrust.

 EmailfromunacquaintedSender

Thereareseveralthingsyoumightconsiderwhenyou receive an email to determine whether you might be the victim of a phishing assault. Look at the email sender's information first. The phishing attempt can come from a suspicious-lookingemailthatyouhaveneverseenbefore.As luck wouldhaveit,thereareforums and online toolsthat can help you determine whether or not the source is trustworthy if you have any questions. Simply copy the sender'semailandsearchfortermslike"phishingattempt," "hacking,"or"scam"onGoogle.Youmaybeabletotellthat theemailisfromacybercriminalifothershavereportedit. However, there is a problem with this technique because phishersarequiteawareoftheforumsandfrequentlyand easilychangetheiremails.Additionally,theywouldutilise thesesupportforumsasawaytolegitimisetheirownfraud bygivingthemselvespositiveevaluationsandinsistingthat theemailofferwasgenuine[8].

 Sender’sEmaillooksOff

The phishing attempt may come from a business that appearstobefullytrustworthyandlegitimatebutisactually not from the firm it purports to be. For example, if you searchfora Sanketbank andseethattheyareusingtheir logo,youmightassumetheemailiscomingfromalegitimate sourcewithoutrealisingthatitcouldbethatSanket'semail hasbeenhackedorthatadifferentemailhasbeencreated thatmatchesSanket'semailbutisn'ttherightemailtype.

 WritingToneIsOdd

Another major cautionary sign is when the email addresslooksfamiliarbutthecontentorpresentationseems strange. If the email contains grammatical or spelling mistakesthatyourcontactisunlikelytomakeordoesnot frequently make, it's possible that the sender is actuallya phisher.Asphishingscamsbecomemoresophisticated,their language and design may also be well-thought-out and appeartobeextremelytrustworthy.Yetpeopleoftenhavea

reallycertainstyleandeleganceofcommunicating,andyou seemtobedrawntoit,eitherconsciouslyorunconsciously.

If an email seems "fishy," you may have unconsciously noticedthatthesenderisusinglanguageandastylethatare nottypicalofthem.Followyourgut,andifsomethingseems strange,lookintotheemailbeforeyouanswer.

 GreetingOddlyGeneric

Inordertotrickyou,phishingcriminalssendoutatonne ofgenericemailsthatstartwith"DearCustomer"andrefer to "Your Business" or "Your Bank." This is frequently especiallyconcerningiftheemailappearstobecomingfrom someone whoshouldhave a lotofinformationaboutyou, suchasapartneryouhavemetbeforeorsomeonefromyour company[8].

6. PHISHING EMAIL EXAMPLES TO LEARN FROM

1)Anexampleofaphishingemailwithasuspiciousemail address.

2) An example of a phishing email where the con artist promisesfinancialrewards.

Sample of a phishing email asking you to confirm your accountinformation.

4) An illustration of a phishing email with fake financial documents.

5)Aphishingemailthatpurportstobefromanemployeeof yourcompany.

6) A phishing email illustration requesting a payment confirmation.

7)Voicemailscamexamplesusingphishingemails.

AccountDeactivation(No.8)

9)FraudulentCreditCard

10)TransmitMoney

11)SocialmediaRequestNo.

7. HOW TO DEFEND AGAINST PHISHING EMAILS

Rememberthese5principlesforcreatingacultureofcyber security awareness when constructing a defence against phishingemails:

• Educate: To coach, train, and change behaviour, use phishingmicrolearningandsecurityawarenesscoaching.

• Monitor: Check employee information using phishing simulation tools to see if an agency is at risk of a cyberattack.

• Communicate: Provide up-to-date communications and campaigns about social engineering, cyber security, and phishingemails.

• Integrate: Make project management, training, support, andawarenesscampaignsforcybersecurityapartofyour businessculture.

Youneeddefenceagainstphishingemailattacks.Thesame sentiment also applies to your coworkers, organisation, friends,andfamily.Everyoneoughttobeabletosafeguard theirinfo.

Makingthemostofcybersecurityawarenessisthegreatest waytodothis.

8. THE FREQUENCY OF PHISHING ATTACKS

Everyyear,phishingbecomesmoreprevalentandposesa significanthazard.Accordingtoa2021Tessiananalysis,the averagenumberofphishingemailsreceivedbyemployeesis 14.Certainindustrieswereparticularlyhardimpacted;retail workersreceivedamediansalaryof$49.

Themajorityoftheemail-basedattacksbetweenMayand August2021,accordingtoESET's2021analysis,werepartof phishingcampaigns.IBM's2021analysiscorroboratedthis trend by noting a two-point increase in phishing attacks between 2019 and 2020, which was partially fueled by COVID-19andsupplychainuncertainty.

According to CISCO's report on cybersecurity threat patternsfor2021,atleastoneemployeeofabout86firms clicked on a phishing link. According to the company's knowledge, phishing accounts for over 90 percent of data

breaches. Phishing attacks increased by 52 percent in December, according to CISCO, who discovered that the activitytendstopeakaroundholidaytimes.

According to the results of a global poll, 83 percent of IT departments at Indian companies predicted a rise in the number of phishing emails aimed at their employees in 2020.

One of the reasons for its effectiveness is its capacity to continuously evolve and diversify, trade offences to contemporaryissuesorconcerns,suchasthepandemic,and capitalise on people's emotions and trust "Urban Center Wisniewski,theheadofanalysisatSophos,saidasmuch.

Phishing is frequently the first phase in a very intricate, multi-phase attack. According to Sophos quick Response, hackersfrequentlyusephishingemailstocoerceusersinto installing malware or disclosing login information for the workplacenetwork"AsecondWisniewski.

Also, the results show that there is no universal agreementonwhatismeantby"phishing."Asanillustration, 67percentofITorganisationsinIndiaequatephishingwith emails that falsely purport to be from a genuine company andthatfrequentlyincludeathreatorarequestforpersonal information. Sixty-one percent of respondents think that BusinessEmailCompromise(BEC)attacksarephishing,and fifty percent of respondents think that threadjacking where attackers inject themselves into a legitimate email threadaspartofanattack isphishing.

Thegoodnewsisthatalmostall Indianbusinesses(98%) have implemented cybersecurity education campaigns to thwart phishing. Respondents reported using phishing simulations(51%),computer-basedcoachingprogrammes (67%),andhuman-ledcoachingprogrammes(60%).

Accordingtothe poll,four-fifthsofIndianfirmsgauge the success of their awareness campaign by the number of IT tickets related to phishing, which is followed by user coverage of phishing emails (at 77%) and phishing email clickthroughrates(at60%).

Everyfirmsurveyedinthecity,Hyderabad,andmetropolis (100%)feltitisnecessarytohavecybersecurityawareness initiatives in place. When ninety-seven states had such programmes,Chennaiwasnext,puttingBengaluruandthe cityatninety-sixeach.

9. CONCLUSION

Phishing attacks continue to be a major concern to both individuals and businesses today. This can be primarily causedbyhumanengagementinthephishingcycle,asthe paper points out. Phishers typically target human weaknessesinadditiontofavourabletechnologysituations

(i.e., technical vulnerabilities). It is well established that a varietyoffactors,includingage,gender,internetaddiction, user stress, and many others, can affect a person's susceptibility to phishing. In addition to more recent phishing mediums like voice and SMS phishing, more traditionalphishingchannelslikeemailandthewebarestill inuse.

Concomitantly, phishing has developed on the far side getting sensitive data and monetary crimes to cyber coercion,hacktivism,damagingreputations,espionage,and nation-stateattacks.analysishasbeenconductedtospotthe motivationsandtechniquesandcountermeasurestothose new crimes, however, there's no single answer for the phishingdrawbackbecauseoftheheterogeneousnatureof theattackvector.

Thechallengescausedbyphishinghavebeenexaminedin this book, and a new anatomy that outlines the entire life cycleofphishingattemptshasbeenplanned.Thisassociate deprecatoryoffersabroaderperspectiveonphishingattacks andacorrectdefinitionthatcoverstheattack'srealisation andend-to-endexclusion.

Although the best defence against phishing is human education, the sophistication of the assaults and social engineering components make it difficult to completely eliminate the threat. Developing affordable anti-phishing strategies that prevent users from being exposed to the attack is a critical step in minimising these attacks, even though ongoing security awareness training is the key to avoidingphishingattacksandtoreducetheirimpact.This text concluded by mentioning the significance of creating anti-phishingtechniquesthatrecogniseandstoptheattack. Also,thesignificanceofmethodstoidentifythesourceofthe assault may provide a stronger anti-phishing solution, as discussedinthisarticle.

10. ACKNOWLEGEMENT

I am incredibly humbled and grateful to express my gratitude to everyone who has helped me put these ideas into one concrete item, way above the level of their simplicity.

IwanttospecificallythankAssistantProfessorJyotiSamel forgivingmethechancetoconductthisexcellentresearch onthesubjectof"Phishing: AnOpenThreattoEveryone." Her support allowed me to conduct a lot of research and learnalotofnewinformation.Isincerelyappreciateher.My sinceregratitudeisextendedtoourresearchpaperadvisor forherinsightfulandtimelycounselthroughoutthemany researchphases.

Without the support and guidance of my parents and friends, no attempt at any level can be satisfactorily completed. Despite their busy schedules, they gave me

different ideas for how to make this project unique. They helpedmegatheravarietyofinformation,aggregateit,and guidemeperiodicallyinmakingthispaper.

11. REFERENCES

[1] Phishing attack on the rise by APN News, Saturday, March,2022

[2]SpearphishingexamplesbyPhishProtection

[3] Whatis Whaling? WhalingEmail AttacksExplained by Tessian,11August2021

[4]WhatisaSpoofingAttack?The5ExamplesYouNeedto KnowbySoftwareLab.org

[5]VishingAttackbyINCOGNIA

[6]PhishingattackswarningsignsbyDavidZamerman,Feb 26,2022