Mobile Phishing Attacks and Mitigation Techniques

Hossain Shahriar; Tulin Klintic; Victor Clincy

doi:10.4236/jis.2015.63021

Journal of Information Security > Vol.6 No.3, July 2015

Mobile Phishing Attacks and Mitigation Techniques

Hossain Shahriar, Tulin Klintic, Victor Clincy
Kennesaw State University, Marietta, Georgia, USA.
DOI: 10.4236/jis.2015.63021 PDF HTML XML 8,793 Downloads 13,453 Views Citations

Abstract

Mobile devices have taken an essential role in the portable computer world. Portability, small screen size, and lower cost of production make these devices popular replacements for desktop and laptop computers for many daily tasks, such as surfing on the Internet, playing games, and shopping online. The popularity of mobile devices such as tablets and smart phones has made them a frequent target of traditional web-based attacks, especially phishing. Mobile device-based phishing takes its share of the pie to trick users into entering their credentials in fake websites or fake mobile applications. This paper discusses various phishing attacks using mobile devices followed by some discussion on countermeasures. The discussion is intended to bring more awareness to emerging mobile device-based phishing attacks.

Keywords

Mobile Application, Phishing, Smishing, Vishing

Share and Cite:

Shahriar, H. , Klintic, T. and Clincy, V. (2015) Mobile Phishing Attacks and Mitigation Techniques. Journal of Information Security, 6, 206-212. doi: 10.4236/jis.2015.63021.

Conflicts of Interest

The authors declare no conflicts of interest.

References

[1]	CAPEC-164: Mobile Phishing. https://capec.mitre.org/data/definitions/164.html
[2]	Ashford, W. (2014) Phishing Attacks Track Mobile Adoption, Research Shows. http://www.computerweekly.com/news/2240215873/Phishing-attacks-track-mobile-adoption-research-shows
[3]	Kessem, L. (2012) Rogue Mobile Apps, Phishing, Malware and Fraud. https://blogs.rsa.com/rogue-mobile-apps-phishing-malware-and-fraud
[4]	Klein, A. (2010) The Golden Hour of Phishing Attacks. http://www.trusteer.com/blog/golden-hour-phishing-attacks
[5]	Symantec Internet Security Threat Report 2014, Vol. 19. http://www.symantec.com/content/en/us/enterprise/other_resources/b-istr_main_report_v19_21291018.en-us.pdf
[6]	Todorova, A. (2010) “Phishing” Scams Cast Net on Mobile Banking. http://online.wsj.com/news/articles/SB10001424052748704343104575033380555965818
[7]	Trend Micro eBook (2013) Trend Micro. http://about-threats.trendmicro.com/ebooks/protecting- yourself-against-mobile-phishing/files/assets/downloads/protecting-yourself-against-mobile-phishing.pdf
[8]	Morrison, D. (2010) Mobile Phishing Highlights Need for Greater Security. http://www.cutimes.com/2010/01/20/mobile
[9]	Jevan, D. (2012) Latest Threats against Mobile Devices. Information Systems Security Association. http://sfbay.issa.org/comm/presentations/2014/ISSA%20Marble%20Security_2014_0114.pptx
[10]	Wilson, S. (2014). Smishing, Yes It Is All Bad. http://www.zcorum.com/smishing-yes-its-all-bad/
[11]	Foozy, C.F.M., Ahmad, R. and Abdollah, M.F. (2013) Phishing Detection Taxonomy for Mobile Device. International Journal of Computer Science, 10, 338-344.
[12]	(2014) Hackers Target Wi-Fi Hotspots in New Phishing Attack. https://johnib.wordpress.com/2007/05/06/hackers-target-wi-fi-hotspots-in-new-phishing-attack
[13]	Johnston, S. (2013) How to Protect Yourself from Smishing and Vishing. http://money.usnews.com/money/personal-finance/articles/2013/09/19/how-to-protect-yourself-from-smishing-and-vishing
[14]	Yoon, J.W., et al. (2010) Hybrid Spam Filtering for Mobile Communication. Computers & Security, 29, 446-459. http://dx.doi.org/10.1016/j.cose.2009.11.003
[15]	Mahmoud, T.M. and Mahfouz, A.M. (2012) SMS Spam Filtering Technique Based on Artificial Immune System. International Journal of Computer Science, 9, 589-597.
[16]	Zhang, Y., Hong, J. and Cranor, L. (2007) Cantina: A Content-Based Approach to Detecting Phishing Web Sites. Proceedings of the 16th International Conference on World Wide Web, Banff, May, 639-648. http://dx.doi.org/10.1145/1242572.1242659
[17]	Sheng, S., Wardman, B., Warner, G., Cranor, L., Hong, J. and Zhang, C. (2009) An Empirical Analysis of Phishing Blacklists. 6th Annual Conference on Email and AntiSpam (CEAS), Mountain View.
[18]	COMODO Security Solutions. https://play.google.com/store/apps/developer?id=Comodo+Security+Solutions&hl=en

Journals Menu

Follow SCIRP

	customer@scirp.org
	+86 18163351462(WhatsApp)
	1655362766

	Paper Publishing WeChat

Journals Menu

Home

About SCIRP

Service

Policies