Emerging Phishing Trends and Effectiveness of the Anti-Phishing Landing Page Srishti Gupta, Ponnurangam Kumaraguru Indraprastha Institute of Information Technology, Delhi Cybersecurity Education and Research Centre (CERC), IIIT-Delhi fsrishtig,
[email protected] Abstract—Each month, more attacks are launched with the showed that second half of 2013 saw a 60% increase in aim of making web users believe that they are communicating phishing attacks from the first half [5]. The report also high- with a trusted entity which compels them to share their personal, lighted an increase in the number of unique domain names and financial information. Acquired sensitive information is then maliciously registered domain names for carrying out phishing used for personal benefits, like, gain access to money of the attacks. This shows that criminals are exploiting best possible individuals from whom the information was taken. Phishing costs resources to carry out their tasks effectively. RSA, the security Internet users billions of dollars every year. A recent report 2 highlighted phishing loss of around $448 million to organizations division at EMC recently released their monthly report on in April 2014. Researchers at Carnegie Mellon University (CMU) online fraud to show that phishing cost global organizations 1 created an anti-phishing landing page supported by Anti-Phishing $448 million in losses in April 2014. Working Group (APWG) with the aim to train users on how Phishing has become a major concern for Internet Service to prevent themselves from phishing attacks. It is used by Providers (ISPs), with pressure coming from both users who financial institutions, phish site take down vendors, government demand that service providers do more to protect them from organizations, and online merchants.