Research Paper on Spreading Awareness About Phishing Attack Is Effective In Reducing The Attacks?

International Research Journal of Engineering and Technology (IRJET)

e-ISSN: 2395-0056

Volume: 09 Issue: 04 | Apr 2022

p-ISSN: 2395-0072

www.irjet.net

Research Paper on Spreading Awareness About Phishing Attack Is Effective In Reducing The Attacks? Bhakti Ulhas Desai, Guide: Asst. Prof. Gauri Ansurkar Student, M. Sc IT, Keraleeya Samajam (Regd.) Dombivli’s Model College, Maharashtra, India ---------------------------------------------------------------------***---------------------------------------------------------------------

Abstract – As a result, an infinite amount of private

information and financial transactions become prone to cybercriminals. Phishing is an example of a highly effective sort of cybercrime that allows criminals to deceive users and steal important data. Since the primary reported phishing attack in 1990, it's been evolved into a more sophisticated attack vector. At present, phishing is taken into account one in every of the foremost frequent samples of fraud activity on the web. Phishing attacks can cause severe losses for his or her victims including sensitive information, fraud, companies, and government secrets. this text aims to guage these attacks by identifying this state of phishing and reviewing existing phishing techniques. Studies have classified phishing attacks in line with fundamental phishing mechanisms and countermeasures discarding the importance of the end-to-end lifecycle of phishing. From this research we understand that phishing attacks are increasing day by day and people are not able to identify such type of phishing attack. Giving phishing awareness training is one way by which we can reduce the number of attacks.

1. INTRODUCTION Phishing is variety of attack during which an attacker sends a fraudulent message designed to trick an individual into revealing sensitive information to the attacker or to deploy malicious software on the victim's infrastructure like ransom ware. Phishing attacks became increasingly sophisticated and sometimes transparently mirror the location being targeted, allowing the attacker or hacker to look at everything while the victim is navigating the positioning, and transverse any additional security boundaries with the victim. There are differing kinds of phishing like Spear Phishing, Whaling, Vishing and Email Phishing. Spear Phishing-Spear phishing is an electronic or email communications scam targeted towards a selected individual, organization or business. Although often intended to steal data for malicious purposes, cybercriminals might also will install malware on a targeted user’s computer. Whaling -Whaling is style of attack during which attacker mainly aimed position persons to steal or access the sensitive and steer. © 2022, IRJET

|

Impact Factor value: 7.529

|

Vishing - Vishing is that the combination of voice and phishing. In vishing attack attacker try and get sensitive and lead through call. Vishing is that the phone scam where scammer get your financial information like account number and password. Email Phishing -Email phishing could be a form of attack within which attacker send false mail to user and trick them to falling for a scam.

2. ADVANTAGES OF PHISHING AWARENESS TRAINING. 

Empower your employees to become your first layer of cyber security

In a Web root 2019 study, it absolutely was found that 67% of employees received a minimum of one phishing email at work; and 49% of employees admitted they clicked links in messages from unknown senders during work. Because the online world is getting more and more interconnected, cyber attacks have also become more sophisticated. This includes, but isn't limited to phishing, spear-phishing attacks, business email compromise, social engineering scams, common malware and ransom ware and faux websites to steal data or infect devices. By providing interactive and ongoing training programs to your employees, they're going to have the knowledge to identify phishing emails and avoid risks online, and eventually will become your first layer of protection to cut back the quantity of security incidents. 

Meet regulatory compliance requirement

Many businesses have specific compliance requirements. as an example, if your business takes mastercard payments from customers, you want to follow PCI compliance. Or if your company stores or processes personal information about EU citizens, you need to accommodates the GDPR. Corporate compliance covers both industry policies and procedures in addition as federal, provincial and native compliance laws. Regulatory compliance is when a corporation abides by those laws and regulations. If an organization is found to be out of compliance with certain laws per their industry, this could lead to fines and/or legal

ISO 9001:2008 Certified Journal

|

Page 3264