A Novel Method to Prevent Phishing by using OCR Technology

Abstract: Phishing is one of the most common attacks in the world, especially with the increasing usage of mobile platforms and e-commerce. Although many users are weary of phishing attacks from suspicious paths in the URL address, phishing still accounts for a large proportion of all of malicious attacks as it is easy to deploy. Most browser vendors mainly adopt two approaches against phishing; the blacklist and the heuristicbased. However, both have related limitations. In this paper, a novel method was proposed to pr… Show more

“…Thus, phishing threats are worth researching to determine cheaper and faster solutions. In our last paper [6], we presented a novel method to prevent phishing attacks by using an Optical Character Recognition (OCR) technology, and this method not only overcomes the limitation of current preventions, but also provides a high detection accuracy rate. The evaluation results were promising, but whether this method can be implemented ideally in mobile devices needed to be further examined, especially in relation to the challenges of limited resources (power and bandwidth).…”

“…For instance, in the host-based step, the server properties are investigated from WHOIS, collecting data such as the IP address, registration information etc. However, gathering this information may become a hard problem due to possible restrictions in the future [6]. In order to comply with the EU's General Data Protection Regulation (GDPR) legislation [20], most of this information may have been wiped as it releases too much private information.…”

“…In our last paper [6], we presented a novel method to prevent phishing by using Optical Character Recognition (OCR) technology. By analysing the logo content from a target website and comparing against the official website, the website could be confirmed as official.…”

“…In our previous paper [6], we researched OCR technology as a mean of identifying phishing. The specific procedure was divided to four steps, as shown below:…”

“…However, this prototype mobile implementation still has the same limitations as on desktop. They are [6]:…”

A Cost-Effective OCR Implementation to Prevent Phishing on Mobile Platforms

“…Thus, phishing threats are worth researching to determine cheaper and faster solutions. In our last paper [6], we presented a novel method to prevent phishing attacks by using an Optical Character Recognition (OCR) technology, and this method not only overcomes the limitation of current preventions, but also provides a high detection accuracy rate. The evaluation results were promising, but whether this method can be implemented ideally in mobile devices needed to be further examined, especially in relation to the challenges of limited resources (power and bandwidth).…”

“…For instance, in the host-based step, the server properties are investigated from WHOIS, collecting data such as the IP address, registration information etc. However, gathering this information may become a hard problem due to possible restrictions in the future [6]. In order to comply with the EU's General Data Protection Regulation (GDPR) legislation [20], most of this information may have been wiped as it releases too much private information.…”

“…In our last paper [6], we presented a novel method to prevent phishing by using Optical Character Recognition (OCR) technology. By analysing the logo content from a target website and comparing against the official website, the website could be confirmed as official.…”

“…In our previous paper [6], we researched OCR technology as a mean of identifying phishing. The specific procedure was divided to four steps, as shown below:…”

“…However, this prototype mobile implementation still has the same limitations as on desktop. They are [6]:…”

A Cost-Effective OCR Implementation to Prevent Phishing on Mobile Platforms

Updated Analysis of Detection Methods for Phishing Attacks

An Empirical Study: Automated Subdomain Takeover Threat Detection