Available under a Creative Commons Attribution Non-Commercial Share Alike 4.0 International Licence
1.2 COMPUTER AND INFORMATION SCIENCE
Phishing is a form of online identity theft in which the attacker attempts to fraudulently retrieve a legitimate user's account information, logon credentials or identity information in general. The compromised information is then used for withdrawing money online, taking out cash advances, or making purchases of goods and services on the accounts. Various solutions have been proposed and developed in response to phishing. As phishing is a business problem, the solutions target both non-technical and technical areas. This paper investigates the current anti-phishing solutions and critically reviews their usage, security weaknesses and their effectiveness. The analysis of these models points to a conclusion that technology alone will not completely stop phishing. What is necessary is a multi-tiered, organised approach: user awareness, technical and non-technical solutions should work together.
Hatunic-Webster, E., Anti-Phishing Models: Main Challenges, International Conference on Internet Technology and Secured Transactions (ICITST 2008), Dublin, 23-28 June, 2008, DOI: 10.21427/6y40-gm57