Research Paper:

Research Paper:. Phishing Attacks Ami Chovatiya.

Overview. Phishing Attacks: Definition : A social engineering attack in which an attacker uses spoofed emails to trick people into sharing sensitive information or installing malware on their device. Reported to be the most common type of cybercrime in 2020..

Research Area. The paper will focus on outlining and describing the most common types of phishing attacks and the top prevention mechanisms. Are phishing attacks increasing with time? Collect data and statistics regarding phishing attacks and conclude whether current prevention tactics make a difference. The conducted research will can come handy when brainstorming and writing up mitigation plans for patching the found vulnerabilities..

Design Alternatives/Technologies. Types of phishing: Email Phishing Sending emails mimicking legitimate authorities. Great range of targets Spear Phishing Form of email phishing, but specific individuals are targeted Whaling Target a CEO, CFO, or any CXX withing an industry/business Smishing Uses text messages/SMS to execute an attack Vishing Attackers seek to obtain PII through a voice call.

Current Status. Phishing was the most common type of cybercrime in 2020, nearly doubling every year. Deceptive phishing is by far the most common type of phishing attack. Scammers attempt to replicate a legitimate company’s email correspondence in hopes to obtain personal information. As of January 17, 2021, Google has registered 2,146,013 phishing sites, 27% more over the course of 12 months. Education regarding this form of attack has the most positive outcome in lessening the attack surface..

Future Direction. The State of the Phish 2018 report found that 95% of respondents are training end users on how to identify and avoid phishing attacks. Apart from introducing technologies such as firewalls, blocking pop-ups, antivirus software, and anti-phishing toolbar, employee education and training is an essential tool that companies must utilize in order to effectively defend against sophisticated phishing scams..

Conclusion. 95% of cybersecurity breaches are due to human error. The attacks continue to become more sophisticated day by day. Education regarding ways how NOT to fall prey to phishing attacks is vital Without user education, careless web surfing and users clicking on malicious links will continue..

Reference. https://www.phishing.org/10-ways-to-avoid-phishing-scams https://edtechmagazine.com/higher/article/2018/02/higher-ed-users-are-less-susceptible-phishing-scams https://resources.infosecinstitute.com/topic/10-most-common-phishing-attacks/ https://www.propertycasualty360.com/2019/05/24/how-effective-employee-education-and-training-combats-phishing-attack-risk-414-155823/?slreturn=20211030202938 https://www.trendmicro.com/en_us/what-is/phishing/types-of-phishing.html.