I. INTRODUCTION
The term ‘phishing’ was coined in the mid-1990s and derives from the term ‘fishing’, because it involves trying to lure someone into a trap [11]. Phishing is when attackers send malicious emails or suspicious URLs designed to trick people into falling for a scam. Typically, the intent is to get users to reveal financial information, system credentials or other sensitive data.
Phishing is metaphorically like fishing in the water [12], but instead of trying to catch a fish, attackers try to steal consumers’ personal information. When a user opens a fake webpage and enters the username and protected password, the user’s credentials are acquired by the attacker and can be used for malicious purposes. Phishing websites look very similar in appearance to their corresponding legitimate websites in order to attract a large number of Internet users.
1.1 Social Engineering
A collection of techniques that scam artists use to manipulate human psychology. Social engineering techniques include forgery, misdirection, and lying, all of which can play a part in phishing attacks. On a basic level, phishing emails use social engineering to encourage users to act without thinking things through. Estimates suggest that 59% of all email is spam. Lexically analysing the URLs can enhance detection performance and help to differentiate between the original email and the phishing URL [9]. Phishing is a fraudulent attempt to obtain sensitive information such as usernames, passwords, and credit card details (and money) by posing as a trustworthy party in an electronic communication [6]. Phishing attacks rely on social engineering, which is the art of getting users to compromise information systems. Instead of technical attacks on systems, social engineers target humans with access to information, manipulating them into divulging confidential information or even into carrying out the malicious attack themselves, using influence and persuasion [10] to get users to give away sensitive information that the attacker can use for financial profit. Normally phishers hijack a bank’s web pages and send emails to the victim in order to trick the victim into visiting the malicious site, where the victim’s bank account information and card number are collected [1]. Instead of tricking users by email into giving out their passwords, e.g., for online banking and eBay, the attacker redirects users to its own servers, which imitate the original websites. For a normal user it is hard to tell whether he is connected to the original site, as the right address is shown in the browser and he relies on correct name resolution. Even where additional security mechanisms such as SSL are in place, many users tend to discard warning messages or do not check for a secured connection at all. Although there is no known case of pharming yet, it seems likely that future exploits will be used in that way. Additionally, an incorrect DNS resolution has an impact on protocols besides HTTP that rely on name resolution, such as FTP, POP3, IMAP and SMTP. Through DNS spoofing an attacker can redirect and record login attempts and gather the data of users’ accounts [8]. The sniffing of outgoing mail by redirection over a prepared server is also possible.
1.2 DNS Cache Poisoning
Attacks on the Domain Name System use different techniques to introduce false IP addresses to clients and servers. The most commonly seen type abuses the resolver’s cache memory and is known as DNS cache poisoning [32].
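The lexical URL analysis mentioned in the social engineering section above can be illustrated with a small feature extractor and heuristic scorer. This is an added example, not code from the paper or from reference [9]; the feature set, lure-token list, weights and alert threshold are assumptions chosen for demonstration, and the sample URLs are constructed.

```python
"""Lexical URL features for phishing triage (added example; not from the paper)."""
from urllib.parse import urlsplit
import ipaddress

# Tokens that commonly appear in lure URLs. Assumption for this example only.
LURE_TOKENS = ("login", "secure", "verify", "account", "update", "signin")

def is_ip_host(host: str) -> bool:
    """True when the host part is a raw IPv4/IPv6 literal rather than a name."""
    try:
        ipaddress.ip_address(host.strip("[]"))
        return True
    except ValueError:
        return False

def lexical_features(url: str) -> dict:
    """Compute purely lexical features: nothing is resolved or fetched."""
    parts = urlsplit(url if "://" in url else "http://" + url)
    host = (parts.hostname or "").lower()
    path = (parts.path + "?" + parts.query).lower()
    return {
        "url_len": len(url),
        "host_dots": host.count("."),            # many labels: brand buried in a subdomain
        "host_hyphens": host.count("-"),
        "has_at": "@" in parts.netloc,           # user@host trick hides the real host
        "ip_host": is_ip_host(host),
        "https_in_host": "https" in host,        # e.g. https-secure-bank.example
        "lure_tokens": sum(t in path or t in host for t in LURE_TOKENS),
        "scheme_https": parts.scheme == "https",
    }

def phishing_score(url: str) -> int:
    """Heuristic score; higher means more suspicious. Weights are assumptions."""
    f = lexical_features(url)
    score = 2 * f["has_at"] + 2 * f["ip_host"] + 1 * f["https_in_host"]
    score += 1 if f["host_dots"] >= 3 else 0
    score += 1 if f["host_hyphens"] >= 2 else 0
    score += 1 if f["url_len"] > 75 else 0
    score += min(f["lure_tokens"], 2)
    return score

def triage(urls):
    """Return the URLs whose score reaches the (assumed) alert threshold of 3."""
    return [u for u in urls if phishing_score(u) >= 3]

# Constructed sample URLs for demonstration only.
SAMPLE_URLS = [
    "https://www.example-bank.com/",
    "http://www.example-bank.com.secure-login.verify-account.net/signin",
    "http://192.0.2.10/update/account",
    "http://login@example-bank.com.evil.test/",
]
```

Lexical features are cheap and need no network access, which is why they are useful as a first-pass filter, but they must be combined with other signals, since a legitimate long URL with several hyphens will also score.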
1.2.1 Types of Phishing Attacks
There are three types of phishing attacks through social engineering, which are web spoofing, phone phishing, spear phishing and clone phishing.
1.2.2 Web Spoofing
Web spoofing allows an attacker to create a "shadow copy" of the entire World Wide Web [7]. Accesses to the shadow Web are funnelled through the attacker’s machine, allowing the attacker to monitor all the victim’s activities. Such attacks can be carried out on today’s systems, endangering users of the most common Web browsers. A spoofing attack is like a con game: the attacker sets up a false but convincing world around the victim [3].
Phone Phishing