Using visual website similarity for phishing detection and reporting

Maurer, Max-Emanuel; Herzner, Dennis

doi:10.1145/2212776.2223683

Cited by 32 publications

(15 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Web browsers or AddOns can check the URL against various blacklists or check the web site content in combination with the actual URL. A number of different approaches for these checks have been proposed [28,4,29,32]. In both pre-and post-click checks a risky situation can either lead to blocking or a warning e.g., [25,30,45,43].…”

Section: Related Workmentioning

confidence: 99%

User experiences of TORPEDO: TOoltip-poweRed Phishing Email DetectiOn

Volkamer

Renaud

Reinheimer

et al. 2017

Computers & Security

View full text Add to dashboard Cite

We propose a concept called TORPEDO to improve phish detection by providing just-in-time and just-in-place trustworthy tooltips. These help people to identify phish links embedded in emails. TORPEDO's tooltips contain the actual URL with the domain highlighted. Link activation is delayed for a short period, giving the person time to inspect the URL before they click on a link. Furthermore, TORPEDO provides an information diagram to explain phish detection.We evaluated TORPEDO's effectiveness, as compared to the worst case 'status bar' as provided by other Web email interfaces. People using TORPEDO performed significantly better in detecting phishes and identifying legitimate emails (85.17% versus 43.31% correct answers for phish). We then carried out a field study with a number of TORPEDO users to explore actual user experiences of TORPEDO. We conclude the paper by reporting on the outcome of this field study and suggest improvements based on the feedback from the field study participants.

show abstract

Section: Related Workmentioning

confidence: 99%

User experiences of TORPEDO: TOoltip-poweRed Phishing Email DetectiOn

Volkamer

Renaud

Reinheimer

et al. 2017

Computers & Security

View full text Add to dashboard Cite

show abstract

“…Web browsers or Add-ons can check the URL against various blacklists or check the web site content in combination with the actual URL. A number of different approaches for these checks have been proposed [27,3,28,31]. In both pre-and post-click checks a risky situation can either lead to blocking or a warning e.g.…”

Section: Related Workmentioning

confidence: 99%

TORPEDO: TOoltip-poweRed Phishing Email DetectiOn

Volkamer

Renaud

Reinheimer

2016

ICT Systems Security and Privacy Protection

View full text Add to dashboard Cite

Abstract. We propose a concept called TORPEDO to improve phish detection by providing just-in-time and just-in-place trustworthy tooltips to help people judge links embedded in emails. TORPEDO's tooltips contain the actual URL with the domain highlighted and delay link activation for a short period, giving the person time to inspect the URL before they click. Furthermore, TORPEDO consists of an information diagram to explain phish detection. We evaluated TORPEDO in particular with respect to its effectiveness: Compared to the worst case 'status bar'. as used in Thunderbird and Web email clients. TORPEDO performed significantly better in detecting phishes and identifying legitimate emails (85.17% versus 43.31% correct answers for phish). A proof of concept implementation is available as a Thunderbird Add-On.

show abstract

“…Maurer and Herzner [15] detects phishing based on the comparisons of color and texture histograms of both suspicious and target site. Wu et al [16] divide the webpage into "blocks" based on its layout and identifier features from the blocks.…”

Section: B Website Phishing Detectionmentioning

confidence: 99%

A Computer Vision Technique to Detect Phishing Attacks

Rao

Ali

2015

2015 Fifth International Conference on Communication Systems and Network Technologies

View full text Add to dashboard Cite

Phishing refers to cybercrime that use social engineering and technical subterfuge techniques to fool online users into revealing sensitive information such as username, password, bank account number or social security number. In this paper, we propose a novel solution to defend zero-day phishing attacks. Our proposed approach is a combination of whitelist and visual similarity based techniques. We use computer vision technique called SURF detector to extract discriminative key point features from both suspicious and targeted websites. Then they are used for computing similarity degree between the legitimate and suspicious pages. Our proposed solution is efficient, covers a wide range of websites phishing attacks and results in less false positive rate.

show abstract

Using visual website similarity for phishing detection and reporting

Cited by 32 publications

References 9 publications

User experiences of TORPEDO: TOoltip-poweRed Phishing Email DetectiOn

User experiences of TORPEDO: TOoltip-poweRed Phishing Email DetectiOn

TORPEDO: TOoltip-poweRed Phishing Email DetectiOn

A Computer Vision Technique to Detect Phishing Attacks

Contact Info

Product

Resources

About