查看文章

Generally, Phishing activity is usually accomplished by sending e-mails. Such an e-mail typically contains a link that looks like originating from a genuine organization and thereby urging the users to submit and verify their information by following the link they had received. The reasons that are cited for such verifications include, updation of user database, security breach, maintenance of backend tools, lucky draw in competitions etc. The URL that hosts the exact replica of the original webpage would then ask the user for information such as User ID‟ s, credit or debit card numbers, date of birth, passwords etc. These tricksters obtain personal information from users by tricking the users with the help of browser pop-ups, browser session, drive-bydownloads from unknown sources etc.

Such tricksters target organizations which have a large customer base, send e-mails containing the illegitimate page link to thousands of users so as to improve their hit rate and setting up the illegitimate webpage in such a way that it deceives the user into exposing their information. Thus phishing attacks in many cases, lead to loss of reputation and loss of money. In the year 2012 alone, around 300,000 phishing attacks were recorded worldwide and new online payment services, crypto-currency sites are being targeted more frequently. Though phishers deploy various methods in luring users, a set of characteristic features acts as a base for such illegitimate webpages. These features are predominant for the success of a user falling prey (Mohammed et al 2014) and these features help to classify a given webpage as either legitimate or not. Classification methods …