INTRODUCTION AND DEFINITION
Cyber threats such as unsolicited emails, malicious software, viruses, spyware, Distributed Denial of Service (DDoS) attacks, and social engineering attacks exploit the security of smartphone devices. One such cyber threat is the phishing attack. Phishing attacks are a type of hacking: a method that attackers use to obtain a victim's username and password. This can lead to identity theft, so users have to be very careful. If a phishing attack is executed successfully, the attacker tricks the victim into giving up a username, a password and possibly other personal information. Attackers launch phishing attacks for social or financial gain. The attacker creates a situation in which people believe that they are dealing with an authorized party, such as their bank, and then asks the victim for sensitive information such as credit card details. Phishing is therefore considered an opportunistic attack rather than a targeted one. Although a significant amount of work has been done to detect phishing attacks, it remains one of the most serious crimes on the Internet. A recent report by the Anti-Phishing Working Group (APWG) shows that in 2016 the total number of unique phishing attacks detected was 1,220,523, an increase of 65% over 2015…
Mobile devices, especially smartphones, are increasingly being used because of the wide range of functionalities they provide. These devices are very compact and provide functionalities similar to those of desktop computers, which is why attackers are now targeting mobile device users. However, detection of mobile phishing attacks is a different problem from desktop phishing because the two architectures are dissimilar. Moreover, identifying mobile phishing attacks with high accuracy is an important research issue, as little work has been done in this field. Many anti-phishing solutions for mobile devices have been proposed to date, but there is still no full-fledged solution. The primary objective of this paper is a detailed analysis of mobile phishing: attacking techniques and defense mechanisms. We present this paper in four parts. First, we discuss in detail the mobile phishing attack, its history, the motivation of attackers, and the security concerns of smartphones. Second, we analyze various mobile phishing attacks and provide a taxonomy of them. Third, we provide a taxonomy of numerous recently proposed solutions that detect and defend users from mobile phishing attacks. Fourth, we discuss different issues and challenges faced by researchers while dealing with mobile phishing attacks. In addition, we also discuss the datasets and evaluation metrics used by researchers for evaluating their approaches.
Phishing is one of the most significant problems faced by Internet users. User education is important in order to create awareness among users about phishing attacks. Since phishing is a social engineering attack, educating the user is important to avoid it. Education-based approaches include showing warnings and online training through games.
Active and passive warnings:
The user interface shows a warning that depends on the action triggered, as is done by many web browsers. A passive warning only displays the warning and relies on the user to take some action, whereas an active warning does not rely on the user and blocks the content itself. Users often do not pay attention to warnings, and studies have shown that passive warnings are less effective than active warnings.
Training through mobile games:
One of the important factors in avoiding phishing attacks is training users so that they correctly identify phishing and legitimate instances. Various methods exist to train users. To develop conceptual knowledge about phishing attacks, various mobile games have been developed to educate users. With the increasing use of Internet technology, the risk of mobile device users falling victim to phishing attacks has also increased, so mobile games can be used to train users, which in turn helps reduce the phishing threat. Asanka et al. designed one such game, which educates users about phishing emails and phishing URLs so that they are able to differentiate between phishing and legitimate emails and URLs. The prototype of the game was implemented on the Google App Inventor Emulator. In another approach, Asanka et al. developed a game by identifying the elements that need to be addressed to avoid phishing attacks when educating users. In addition, Asanka et al. designed a gaming approach that combines conceptual and procedural knowledge to educate users; the approach integrates “self-efficiency” into the anti-phishing educational game in order to improve users' behaviour in avoiding phishing attacks.
Detection of smishing and spam SMS:
Smishing messages consist of a text message and a URL which, when opened, performs malicious activity. Attackers use a social engineering approach to target victims, and users are easily attacked by it. For detecting smishing or spam messages, different classifiers that make use of an effective feature set are used.
Comparative analysis of various smishing detection approaches.
Various approaches for detecting smishing and spam messages are discussed below.
et al. proposed a security model, “S-Detector”, for detecting and blocking smishing messages. A Naïve Bayesian classifier is used to differentiate between smishing and normal messages by extracting the words most often used in smishing messages. S-Detector consists of four components: SMS monitor, SMS determinant, SMS analyser, and database. S-Detector takes the following steps to distinguish normal messages from smishing messages:
1) When a text message is received, the SMS monitor records the log and timestamp of the communicated SMS message.
2) It is checked whether the sender's telephone number is already registered in the blacklist.
3) It is determined whether the text message contains a URL. If yes, that URL is accessed.
4) It is checked whether an APK file is downloaded on access to the URL. If an APK file is downloaded, the message is regarded as a smishing message and is blocked; otherwise the content of the message is analysed.
5) Pre-processing is done to separate the strings from the text message and morpheme units are extracted. Then a weight value is assigned to each word using the Naïve Bayes algorithm.
6) If the weight is greater than or equal to the threshold, the message is labelled as a smishing message and is blocked. Otherwise, it is categorised as a normal message.
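The S-Detector pipeline above, as an added worked example that is not the authors' code: the blacklist, URL and APK checks run first, then a Laplace-smoothed Naïve Bayes log-odds weight is compared with the threshold. The training messages, the blacklist and the `url_serves_apk` callback (which stands in for the real fetch of the URL) are constructed for the example.

```python
import math
import re
from collections import Counter

# Constructed training messages (not the paper's data): (text, label)
TRAIN = [
    ("your package is held click http://trk.example/claim to release", "smishing"),
    ("verify your bank account now at http://bank-secure.example", "smishing"),
    ("you won a prize claim at http://prize.example now", "smishing"),
    ("lunch at noon tomorrow?", "normal"),
    ("mom called, call her back when free", "normal"),
    ("meeting moved to room 4, see you there", "normal"),
]
BLACKLIST = {"+10000000001"}            # constructed blacklisted sender numbers
URL_RE = re.compile(r"https?://\S+")

def tokenize(text):
    return re.findall(r"[a-z0-9]+", text.lower())

def train_nb(corpus):
    """Per-class word counts for the Naive Bayes weighting step (step 5)."""
    counts = {"smishing": Counter(), "normal": Counter()}
    docs = Counter()
    for text, label in corpus:
        counts[label].update(tokenize(text))
        docs[label] += 1
    vocab = set(counts["smishing"]) | set(counts["normal"])
    return counts, docs, vocab

def nb_weight(text, model):
    """Log-odds (smishing vs normal) with Laplace smoothing; the weight compared to the threshold."""
    counts, docs, vocab = model
    total = {c: sum(counts[c].values()) + len(vocab) for c in counts}
    score = math.log(docs["smishing"] / docs["normal"])
    for w in tokenize(text):
        score += math.log((counts["smishing"][w] + 1) / total["smishing"])
        score -= math.log((counts["normal"][w] + 1) / total["normal"])
    return score

def classify(sender, text, model, url_serves_apk, threshold=0.0):
    """Steps 2-6 of S-Detector: blacklist, URL check, APK check, then Naive Bayes weight.
    url_serves_apk is injected so the example runs offline (S-Detector would fetch the URL)."""
    if sender in BLACKLIST:                       # step 2
        return "smishing"
    url = URL_RE.search(text)                     # step 3
    if url and url_serves_apk(url.group(0)):      # step 4
        return "smishing"
    # steps 5-6: content analysis against the threshold
    return "smishing" if nb_weight(text, model) >= threshold else "normal"

MODEL = train_nb(TRAIN)
```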
et al. proposed a mobile spam message filtering application, “SMS Assassin”, based on Bayesian learning. A Support Vector Machine (SVM) is used along with Bayesian learning in order to achieve higher accuracy. Spam SMS consist of patterns and keywords that change frequently, so crowd-sourcing is used to keep the list of patterns updated. During the training stage, the occurrence of each word in spam and ham messages is computed to determine whether a word belongs to ham or spam. After training, the spam probability of an SMS is calculated, and if it is above a certain threshold the SMS is regarded as a spam message. To keep track of spam keywords, SMS Assassin uses a Global Spam Keywords list at the server and a SpamKeywordsFreq list on the mobile phones. The mobile application also maintains a UserPreferencesList in which the user can specify ham/spam keywords according to personal preference. Users who have the SMS Assassin application on their phones can share their reported spam lists. The authors collected a total of 4318 SMSes using crowdsourcing. The Bayesian learning technique gives 97% classification accuracy on ham SMSes and 72.5% classification accuracy on spam.
Dendritic Cell Algorithm (DCA) based approach:
et al. proposed a technique for filtering multimodal textual messages, including emails and short messages. Inspired by the human immune system and hybrid machine learning methodologies, the authors offered a method for information fusion. Various features obtained from the received messages were analysed with the help of machine learning algorithms. They developed a framework based on the DCA for mobile spam filtering by fusing the outputs of the machine learning algorithms.
Text normalization and semantic indexing based approach:
et al. proposed a mechanism that normalizes and expands short and noisy text messages using semantic and lexicographic dictionaries. The text is processed in three stages: text normalization, concept generation, and word sense disambiguation. Text normalization transforms text into a single canonical form that it might not have had before, using two dictionaries: an English dictionary and a lingo dictionary. Concept generation obtains every meaning or concept related to a particular term. Word sense disambiguation finds the most relevant concept or meaning according to the context of the message. Concept generation and word sense disambiguation use the LDB BabelNet repository. The authors concluded that text processing can enhance classification performance: the system improves the quality of the attributes obtained, which in turn improves classification accuracy.
Detection using text content:
Karami et al. proposed a content-based approach which, instead of depending on individual words, uses semantic groups of words as features. Linguistic Inquiry and Word Count (LIWC) and SMS Specific (SMSS) features are the two semantic categories of features used by the researchers; they help to reduce the feature set, in turn improving the efficiency of the approach. The system has two phases: feature extraction and classification. A machine learning algorithm is used for classification. The accuracy of the system lies between 92% and 98%.
An application, “Smishing Defender”, was developed by Hauri Inc. that detects and blocks phishing SMS messages on Android smartphones. The application monitors received text messages and notifies the user on reception of a smishing message. It also provides a feature with which a suspicious message can be sent to Hauri for further analysis.
10. MDL Text
The large volume of data on smartphone devices requires efficient and effective text classification methods. Silva et al. developed “MDL Text”, an efficient, scalable, fast, and lightweight multinomial text classifier based on the Minimum Description Length principle. MDL Text is robust, learns faster and avoids the over-fitting problem. Due to incremental learning, the scheme can be used in online as well as dynamic scenarios. Even with a large volume of data, MDL Text has a low computational cost.
Detecting smishing in cloud computing environments:
et al. proposed a technique to detect smishing messages using a cloud virtual environment. The proposed technique checks the source of the message, its content and the location of the server, and takes a decision accordingly. The smishing detection probability is increased by using program interface analysis and filtering so as to minimize incorrect detection. On receiving a message, the user can compute the risk of the message in the virtual environment, where the processing is also done. When the process is complete, a screenshot and a report are sent to the user. Based on the report, the user can determine whether the message is smishing or not, which in turn reduces incomplete and false detection.
A framework for SMS spam filtering:
et al. proposed a framework for SMS spam filtering. To find various features of SMS, it uses two feature selection methods, based on chi-square (CHI2) metrics and information gain (IG). The features are fed to a Bayesian classifier to classify the SMS as ham or spam. The scheme was designed for Android mobile phone users and evaluated on a large set of SMSes including legitimate and spam messages; the results show that the system gives accurate results in detecting both ham and spam messages.
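The two feature selectors this framework relies on, as an added example that is not the authors' implementation: information gain and the 2x2 chi-square statistic are computed per token over binary (presence) features, and the top-ranked tokens are the ones a downstream Bayesian classifier would be given. The labelled corpus is constructed for the example.

```python
import math
import re
from collections import Counter

# Constructed labelled SMS corpus (not the paper's dataset): (text, label)
CORPUS = [
    ("free prize! reply WIN to http://claim.example", "spam"),
    ("your account is locked, verify at http://verify.example", "spam"),
    ("congratulations you won, visit http://win.example now", "spam"),
    ("running late, order for me please", "ham"),
    ("can you send the slides tonight?", "ham"),
    ("happy birthday! see you at dinner", "ham"),
]

def tokens(text):
    """Token presence set: both selectors below need only presence, not frequency."""
    return set(re.findall(r"[a-z0-9]+", text.lower()))

def entropy(counts):
    n = sum(counts.values())
    return -sum(c / n * math.log2(c / n) for c in counts.values() if c)

def information_gain(corpus):
    """IG(w) = H(C) - H(C | w present or absent), per token."""
    docs = [(tokens(t), l) for t, l in corpus]
    h_c = entropy(Counter(l for _, l in docs))
    n, ig = len(docs), {}
    for w in set().union(*(d for d, _ in docs)):
        present = Counter(l for d, l in docs if w in d)
        absent = Counter(l for d, l in docs if w not in d)
        p = sum(present.values()) / n
        ig[w] = h_c - (p * entropy(present) + (1 - p) * entropy(absent))
    return ig

def chi_square(corpus, positive="spam"):
    """2x2 chi-square statistic between token presence and the spam class."""
    docs = [(tokens(t), l) for t, l in corpus]
    n, chi = len(docs), {}
    for w in set().union(*(d for d, _ in docs)):
        sp = sum(1 for d, l in docs if w in d and l == positive)       # spam, present
        hp = sum(1 for d, l in docs if w in d and l != positive)       # ham, present
        sa = sum(1 for d, l in docs if w not in d and l == positive)   # spam, absent
        ha = n - sp - hp - sa                                          # ham, absent
        denom = (sp + hp) * (sa + ha) * (sp + sa) * (hp + ha)
        chi[w] = n * (sp * ha - hp * sa) ** 2 / denom if denom else 0.0
    return chi

def top_features(scores, k=5):
    """Highest-scoring k tokens; ties broken alphabetically so the output is deterministic."""
    return [w for w, _ in sorted(scores.items(), key=lambda kv: (-kv[1], kv[0]))[:k]]
```

A token that appears in every spam message and no ham message scores the maximum IG (1 bit for a balanced corpus) and the maximum chi-square (N, here 6), while a token spread across both classes scores near zero on both.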
Authentication scheme using QR-code:
To protect personal information from phishing attacks on mobile devices, Choi et al. proposed a Single-Sign-On authentication scheme based on QR-code. This scheme addresses the limitation of Single-Sign-On, which allows the user to access multiple applications with a single username and password. In the proposed approach, the server generates a random key which is used for secure communication. The scheme works in three phases: the login request phase, the QR-code generation phase, and the verification phase. The scheme encrypts the information, so an attacker cannot obtain it even if it is exposed to them.
Phishing is a growing crime and one that we must be aware of. Although laws have been enacted, education is the best defence against phishing. Being a bit suspicious of all electronic communications and websites is recommended. The aim of a phishing attack is to obtain sensitive information such as usernames, passwords, and credit card details, very often for malicious reasons, by disguising as a trustworthy entity in an electronic communication. Phishing has targeted desktop users for a very long time, but now attackers have shifted their focus to mobile device users. When it comes to mobile phones, attackers have numerous ways to reach the user, including SMS, mobile applications, e-mails, mobile web browsers, and MMS. Due to small screen size, inconvenient user input and lack of awareness, mobile device users are three times more vulnerable to phishing attacks than desktop users. Mobile webpages differ from their desktop counterparts in terms of content, layout, and functionality, so separate techniques are needed to avoid these attacks on mobile devices. Phishing is an example of a social engineering technique.
Social engineering is one of the most widely used methods to acquire users' information using fake websites, emails, or MMS. Fraudulent messages are sent to victims asking them to update their details.
Malicious software is installed on the user's device either by sending malicious links or by making it available on the application store. It is difficult for users to ignore the SMS they receive on their mobile devices.
User education or training is necessary for creating awareness among users so that their susceptibility to falling victim to phishing attacks can be reduced. Various mobile games have been developed to educate users about phishing attacks, but education alone cannot guarantee a positive behavioural response. Education is necessary but not sufficient for avoiding phishing attacks; user education together with software solutions is required. This paper provides an overview of mobile phishing attacks and the various anti-phishing solutions available. The taxonomy of phishing defence mechanisms will help users gain an understanding of the topic. There is broad scope for research to develop new defence mechanisms against mobile phishing attacks, specifically considering the variety of devices. In other words, phishing is one of the most common attacks and the most successful for attackers.