Return to search

A defense-in-depth approach to phishing

Phishing is a form of crime in which identity theft is accomplished by use of deceptive electronic mail and a fake site on the World Wide Web. Phishing threatens financial institutions, retail companies, and consumers daily and phishers remain successful by researching anti-phishing countermeasures and adapting their attack methods to the countermeasures, either to exploit them, or completely circumvent them. An effective solution to phishing requires a multi-faceted defense strategy. We propose a model for phishing. We report on a survey we conducted of user detection of phishing. We also report on experiments to assess the success of automated methods for assessing clues to phishing email. We present recommendations for a defense-in-depth strategy to prevent phishing.

Identiferoai:union.ndltd.org:nps.edu/oai:calhoun.nps.edu:10945/2667
Date09 1900
CreatorsBarnes, David S.
ContributorsMartell, Craig H., Rowe, Neil C., Naval Postgraduate School, Department of Computer Science
PublisherMonterey, California. Naval Postgraduate School
Source SetsNaval Postgraduate School
Detected LanguageEnglish
TypeThesis
Formatxiv, 73 p. : col. ill. ;, application/pdf
RightsApproved for public release, distribution unlimited

Page generated in 0.002 seconds