Mitigate the dangers posed by phishing activities, a common cybercrime carried out through email attacks. This book details tools and techniques to protect against phishing in various communication channels.

The aim of phishing is to fraudulently obtain sensitive credentials such as passwords, usernames, or social security numbers by impersonating a trustworthy entity in a digital communication.

Phishing attacks have increased exponentially in recent years, and target all categories of web users, leading to huge financial losses to consumers and businesses. According to Verizon’s 2020 Data Breach Investigations Report (DBIR), 22% of all breaches in 2019 involved phishing. And 65% of organizations in the USA experience a successful phishing attack.

This book discusses the various forms of phishing attacks, the communications most often used to carry out attacks, the devices used in the attacks, and the methods used to protect individuals and organizations from phishing attacks.

What You Will Learn

• Understand various forms of phishing attacks, including deceptive, DNS-based, search engine, and contents injection phishing
• Know which communications are most commonly used, including email, SMS, voice, blog, wifi, and more
• Be familiar with phishing kits (what they are) and how security experts utilize them to improve user awareness
• Be aware of the techniques that attackers most commonly use to request information
• Master the best solutions (including educational, legal, technical) to protect against phishing attacks

Who This Book Is For

Security professionals who need to educate online users, especially those who deal with banks, online stores, payment systems, governments organizations, social networks and blogs, IT companies, telecommunications companies, and others. The secondary audience includes researchers working to develop novel strategies to fight against phishing activities and undergraduate and graduate instructors of cybersecurity.

Table of Contents

Chapter 1: Introduction to Phishing

Chapter 2: Types of Phishing

Chapter 3: Communication Channels

Chapter 4: What Does a Phishing URL Look Like?

Chapter 5: Characteristics of Phishing Websites

Chapter 6: Phishing Kits

Chapter 7: Training Methods for Phishing Detection

Chapter 8: Legal Solution: Phishing Is Prohibited Under a Number of Laws

Chapter 9: Phishing Detection Based on Technology

Appendix A: Machine Learning Algorithms

Appendix B: Deep Learning Algorithms

Appendix C: Natural Language Processing

Appendix D: Evaluation Metrics for Phishing Detection Approach

About the Author

Gunikhan Sonowal is an Assistant Professor in the Department of Computer Science and Engineering at KL University. His research interests include information security (phishing) and accessibility computing. He received his Bachelor of Science degree (BSc) from Sibsagar College, a Master of Computer Application (MCA) at University of Hyderabad, India, and a PhD in computer science and engineering from Pondicherry University. He has published eight research papers in peer-reviewed journals and international conferences.