Swapan Purkait scite author profile

PurposePhishing is essentially a social engineering crime on the Web, whose rampant occurrences and technique advancements are posing big challenges for researchers in both academia and the industry. The purpose of this study is to examine the available phishing literatures and phishing countermeasures, to determine how research has evolved and advanced in terms of quantity, content and publication outlets. In addition to that, this paper aims to identify the important trends in phishing and its countermeasures and provides a view of the research gap that is still prevailing in this field of study.Design/methodology/approachThis paper is a comprehensive literature review prepared after analysing 16 doctoral theses and 358 papers in this field of research. The papers were analyzed based on their research focus, empirical basis on phishing and proposed countermeasures.FindingsThe findings reveal that the current anti‐phishing approaches that have seen significant deployments over the internet can be classified into eight categories. Also, the different approaches proposed so far are all preventive in nature. A Phisher will mainly target the innocent consumers who happen to be the weakest link in the security chain and it was found through various usability studies that neither server‐side security indicators nor client‐side toolbars and warnings are successful in preventing vulnerable users from being deceived.Originality/valueEducating the internet users about phishing, as well as the implementation and proper application of anti‐phishing measures, are critical steps in protecting the identities of online consumers against phishing attacks. Further research is required to evaluate the effectiveness of the available countermeasures against fresh phishing attacks. Also there is the need to find out the factors which influence internet user's ability to correctly identify phishing websites.

show abstract

An empirical investigation of the factors that influence Internet user’s ability to correctly identify a phishing website

Purkait

Suar

2014

View full text Add to dashboard Cite

Purpose – The aim of this study is to report on the results of an empirical investigation of the various factors which have significant impacts on the Internet user’s ability to correctly identify a phishing website. Design/methodology/approach – The research participants were Internet users who have had at least some experience of financial transactions over the Internet. This study conducted a quantitative research with the help of a structured survey questionnaire along with three experimental tasks. A total of 621 valid samples were collected and the multiple regression analysis technique was used to deduce the answers to the research question. Findings – The results show that the model is useful and has explanatory power. And adjusted R2 computed as 0.927, means that 92.7 per cent of the variations in the Internet user’s ability to identify phishing website can be explained by the predictors selected for the model. Research limitations/implications – Future research should account for the Internet user’s general security practices and behaviour, attitude towards online financial activity, risk-taking ability or risk behaviour and their potential effects on Internet users' ability to identify a phishing website. Practical implications – The implications of this study provide the foundation for future research on the areas that intend to explain the Internet user’s necessity to take protection or avoid risky behaviour while performing financial transaction over the Internet. Originality/value – This study provides the body of knowledge with an empirical analysis of impact of various factors on an Internet user’s ability to identify phishing websites. The results of this study can help practitioners create a more successful research model and help researchers better understand user behaviour on the Internet.

show abstract

Examining the effectiveness of phishing filters against DNS based phishing attacks

Purkait¹

2015

View full text Add to dashboard Cite

Purpose -This paper aims to report on research that tests the effectiveness of anti-phishing tools in detecting phishing attacks by conducting some real-time experiments using freshly hosted phishing sites. Almost all modern-day Web browsers and antivirus programs provide security indicators to mitigate the widespread problem of phishing on the Internet. Design/methodology/approach -The current work examines and evaluates the effectiveness of five popular Web browsers, two third-party phishing toolbar add-ons and seven popular antivirus programs in terms of their capability to detect locally hosted spoofed websites. The same tools have also been tested against fresh phishing sites hosted on Internet. Findings -The experiments yielded alarming results. Although the success rate against live phishing sites was encouraging, only 3 of the 14 tools tested could successfully detect a single spoofed website hosted locally. Originality/value -This work proposes the inclusion of domain name system server authentication and verification of name servers for a visiting website for all future anti-phishing toolbars. It also proposes that a Web browser should maintain a white list of websites that engage in online monetary transactions so that when a user requires to access any of these, the default protocol should always be HTTPS (Hypertext Transfer Protocol Secure), without which a Web browser should prevent the page from loading.

show abstract

Open Proxy: A road block for Phishing investigations

Purkait¹

2013

JIT

View full text Add to dashboard Cite

Assessing Anti-Phishing Awareness among Undergraduate Students in India

Purkait¹

2013

Int. Jrnl. Appl. Res. Info. Tech. and Comp.

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Swapan Purkait

Phishing counter measures and their effectiveness – literature review

An empirical investigation of the factors that influence Internet user’s ability to correctly identify a phishing website

Examining the effectiveness of phishing filters against DNS based phishing attacks

Open Proxy: A road block for Phishing investigations

Assessing Anti-Phishing Awareness among Undergraduate Students in India

Contact Info

Product

Resources

About