Uma Avaliação das Prevenções de Phishing em Navegadores Web

  • Carlo M. R. da Silva UFPE
  • Eduardo L. Feitosa UFAM
  • Vinícius C. Garcia UFPE
DOI: https://doi.org/10.5753/sbseg.2017.19513

Abstract


Web browsers are tools of utmost importance when it comes to data consumption on the Internet, since they enable the interaction and consumption of information provided by various services available over the Web. Several daily companies adapted their services to be used on the Web in order to obtain advantages over competitors. However, it is clear the difficulty of these tools in preventing their users from being victims of phishing attacks. Such attacks if put into effect result in devastating and often irreversible consequences for business. Through this article, we present a study that evidences the lack of effective solutions in analyzing and minimizing such problematic submit to the protection mechanisms designed for the most popular Web browsers available.

References

Akhawe, D. and Felt, A. P. (2013). Alice in warningland: A large-scale field study of browser security warning effectiveness. In 22Nd USENIX, SEC’13, pages 257–272.

Cert.BR (2012). Golpes na internet. Disponível em: https://cartilha.cert.br/golpes/.

Costello, A. M. (2003). Punycode: A bootstring encoding of unicode for internationalized domain names in applications (idna). Disponível em: https://tools.ietf.org/html/rfc3492.

Jackson, C., Simon, D. R., Tan, D. S., and Barth, A. (2007). An evaluation of extended validation and picture-in-picture phishing attacks. In Financial Cryptography, volume 4886 of Lecture Notes in Computer Science, pages 281–293. Springer.

Jovanovic, G. (2009). Standardization of the old church slavonic cyrillic script and its registration in unicode. Disponível em: http://www.unicode.org/charts/PDF/U0400.pdf.

Kaspersky (2014). O que é phishing? Disponível em: https://goo.gl/4EEtxk.

Khonji, M., Iraqi, Y., and Jones, A. (2013). Phishing detection: A literature survey. IEEE Communications Surveys and Tutorials, 15(4):2091–2121.

Mazher, N., Ashraf, I., and Altaf, A. (2013). Which web browser work best for detecting phishing. In 2013 5th ICICT, pages 1–5.

Mohammad, R. M., Thabtah, F., and McCluskey, L. (2015). Tutorial and critical analysis of phishing websites methods. Comput. Sci. Rev., 17(C):1–24.

TrendMicro (2014). O que é spear phishing? Disponível em: https://goo.gl/GhzUFY.

TrendMicro (2017). Domínios genéricos e sites fraudulentos: uma conex˜ao perigosa. Disponível em: https://goo.gl/r9gAZm.

Whittaker, C., Ryner, B., and Nazif, M. (2010). Large-scale automatic classification of phishing pages. In NDSS ’10.

ZDNet (2016). Phishing-as-a-service is making it easier than ever for hackers to steal your data. Disponível em: https://goo.gl/6UST6u.
Published
2017-11-06
How to Cite

Select a Format
SILVA, Carlo M. R. da; FEITOSA, Eduardo L.; GARCIA, Vinícius C.. Uma Avaliação das Prevenções de Phishing em Navegadores Web. In: BRAZILIAN SYMPOSIUM ON INFORMATION AND COMPUTATIONAL SYSTEMS SECURITY (SBSEG), 17. , 2017, Brasília. Anais [...]. Porto Alegre: Sociedade Brasileira de Computação, 2017 . p. 374-387. DOI: https://doi.org/10.5753/sbseg.2017.19513.

Most read articles by the same author(s)