Phishing is a form of cybercrime used to lure a victim to reveal his/her sensitive personal information to fraudulent web pages. To protect users from phishing attacks, many anti-phishing techniques have been proposed to block suspicious web pages, which are identified against registered lacklists, or checked by search engines. However, such approaches usually have difficulty in keeping up with the rapidly emerging phishing web pages. To lessen this problem, this paper proposes a technique for identifying suspicious web pages, based on the literal and conceptual consistency between the URL and web contents. By using the search logs only as reference data, our approach can achieve 98% accuracy, showing that it is effective in detecting various forms of phishing attack.
Critical success factors for security education, training and awareness (SETA) programme effectiveness: an empirical comparison of practitioner perspectives
Cyber security has never been more important than it is today in an ever more connected and pervasive digital world....