Website spoofing

Website spoofing

IT Security Action Plan

Published in Frank R. Spellman, Fundamentals of Public Utilities Management, 2020

Potential risks to a company’s reputation are real and therefore a strategy should be developed to mitigate those risks via polices or other measures. Specific types of reputation risks include: Being impersonated online by a criminal organization (e.g., an illegitimate website spoofing a business name and copying site design, then attempting to defraud potential customers via phishing scams or other methods)Having sensitive company or customer information leaked to the public via the webHaving sensitive or inappropriate employee actions made public via the web or social media sites

A survey of phishing attack techniques, defence mechanisms and open research challenges

View Article

Journal Information

Published in Enterprise Information Systems, 2022

Ankit Kumar Jain, B.B. Gupta

The phisher targets the vulnerability available in the system due to the human causes (Hong 2012). The phishing attacks are classified into various categories based on how the attacker acquires the credentials of users. Figure 5 presents taxonomy of phishing attacking techniques. This section discusses the phishing attack on two environments, namely, desktop and mobile. In the desktop environment, attackers utilise social engineering and technical subterfuge techniques. Attackers execute social engineering-based attacks using the malicious website or sending the fake email that appears to be legitimate. Social engineering techniques are further categorised as email spoofing, website spoofing and spear phishing (Almomani et al. 2013). Technical subterfuge methods gain user’s information by installing malware (Jain and Gupta 2017).

Explore chapters and articles related to this topic

IT Security Action Plan

A survey of phishing attack techniques, defence mechanisms and open research challenges