![[경영정보시스템] 다양한 피싱(phishing)사례와 대처 방안(영문)-1](http://images.happyhaksul.com/thumb/550/549409-0001.gif)
![[경영정보시스템] 다양한 피싱(phishing)사례와 대처 방안(영문)-2](http://images.happyhaksul.com/thumb/550/549409-0002.gif)
![[경영정보시스템] 다양한 피싱(phishing)사례와 대처 방안(영문)-3](http://images.happyhaksul.com/thumb/550/549409-0003.gif)
![[경영정보시스템] 다양한 피싱(phishing)사례와 대처 방안(영문)-4](http://images.happyhaksul.com/thumb/550/549409-0004.gif)
![[경영정보시스템] 다양한 피싱(phishing)사례와 대처 방안(영문)-5](http://images.happyhaksul.com/thumb/550/549409-0005.gif)
![[경영정보시스템] 다양한 피싱(phishing)사례와 대처 방안(영문)-6](http://images.happyhaksul.com/thumb/550/549409-0006.gif)
![[경영정보시스템] 다양한 피싱(phishing)사례와 대처 방안(영문)-7](http://images.happyhaksul.com/thumb/550/549409-0007.gif)
![[경영정보시스템] 다양한 피싱(phishing)사례와 대처 방안(영문)-8](http://images.happyhaksul.com/thumb/550/549409-0008.gif)
![[경영정보시스템] 다양한 피싱(phishing)사례와 대처 방안(영문)-9](http://images.happyhaksul.com/thumb/550/549409-0009.gif)
![[경영정보시스템] 다양한 피싱(phishing)사례와 대처 방안(영문)-10](http://images.happyhaksul.com/thumb/550/549409-0010.gif)
![[경영정보시스템] 다양한 피싱(phishing)사례와 대처 방안(영문)-11](http://images.happyhaksul.com/thumb/550/549409-0011.gif)
![[경영정보시스템] 다양한 피싱(phishing)사례와 대처 방안(영문)-12](http://images.happyhaksul.com/thumb/550/549409-0012.gif)
![[경영정보시스템] 다양한 피싱(phishing)사례와 대처 방안(영문)-13](http://images.happyhaksul.com/thumb/550/549409-0013.gif)
![[경영정보시스템] 다양한 피싱(phishing)사례와 대처 방안(영문)-14](http://images.happyhaksul.com/thumb/550/549409-0014.gif)
![[경영정보시스템] 다양한 피싱(phishing)사례와 대처 방안(영문)-15](http://images.happyhaksul.com/thumb/550/549409-0015.gif)
![[경영정보시스템] 다양한 피싱(phishing)사례와 대처 방안(영문)-16](http://images.happyhaksul.com/thumb/550/549409-0016.gif)
![[경영정보시스템] 다양한 피싱(phishing)사례와 대처 방안(영문)-17](http://images.happyhaksul.com/thumb/550/549409-0017.gif)
![[경영정보시스템] 다양한 피싱(phishing)사례와 대처 방안(영문)-18](http://images.happyhaksul.com/thumb/550/549409-0018.gif)
![[경영정보시스템] 다양한 피싱(phishing)사례와 대처 방안(영문)-19](http://images.happyhaksul.com/thumb/550/549409-0019.gif)
분야
docxI. Introduction
A) Definition of Phishing and Internet Fraud in General
B) Objective of the Project
C) Importance of the Project
D) Scope and Limitations of the Project
II. Phishing
A) History of Phishing
i) IT Development and the Emerging of Phishing
ii) Past Studies on Phishing
B) Current status
i) Methods of Phishing
ii) Cost of Phishing
iii) Current Attempts to Prevent Phishing
iv) Society and Environment
C) Challenges in Anti-phishing Strategies
III. Analysis
A) Root Cause of phishing
i) Financial Profit and Anonymity
ii) Lack of Knowledge of IT Technology Among Users
iii) Some Situational Scenarios
B) Case study analysis based on above category
i) Case Study 1 - Apple
ii) Case study 2
IV. Solutions
A) Future - Prediction of Future Trends
B) Recommendations
i) Technology
ii) legislation
iii) Social
iv) Evaluation
i) Validation through questionnaires & interviews
ii) Feasibility of solutions
V. Conclusion
VI. References
Although no current research of the phishing damage of Korea or the whole world-wide-web exist there are articles displaying the cost of damage for U.S.
The damage caused by phishing ranges from denial of access to e-mail to substantial financial loss. It is estimated that between May 2004 and May 2005, approximately 1.2 million computer users in the United States suffered losses caused by phishing, totaling approximately US$929 million. United States businesses lose an estimated US$2 billion per year as their clients become victims.. In 2007, phishing attacks escalated. 3.6 million adults lost US$3.2 billion in the 12 months ending in August 2007. Microsoft claims these estimates are grossly exaggerated and puts the annual phishing loss in the US at US$60 million. Either way, it is obvious that phishing costs innocent internet users large sum of money.
iii. Current attempts to prevent phishing
a. Social
One strategy for combating phishing is to train people to recognize phishing attempts, People are educated avoid phishing attempts by slightly modifying their browsing habits. The Anti-Phishing Working Group, an industry and law enforcement association, has suggested that conventional phishing techniques could become obsolete in the future as people are increasingly aware of the social engineering techniques used by phishers. The APWG is attempting to create more awareness among Internet users.
b. Technological
Anti-phishing measures have been implemented as features embedded in browsers, as extensions or toolbars for browsers, and as part of website login procedures.
Identify legitimate websites
Implementing secure models of secure browsing
Browsers alerting users of fraudulent websites
Augmenting password logins
c. Legal Response
On January 26, 2004, the U.S. Federal Trade Commission filed the first lawsuit against a suspected phisher who was a Californian teenager who allegedly created a webpage designed to look like the America Online website, and used it to steal credit card information
US 2005 : Anti-phishing Act of 2005 – although not implemented, under this law those who created fake web sites and sent bogus e-mails in order to defraud consumers would be subject to fines of up to US$250,000 and prison terms of up to five years.
UK : Fraud Act 2006 - general offence of fraud that can carry up to a ten year prison sentence, and prohibits the development or possession of phishing kits with intent to commit fraud.
iv. Society and Environment
Although most online phishing may seem like a trivial topic, many are still oblivious to the subject. According to 2007 survey conducted by PayPal , an online payment provider, in UK, about 46% of the people are unaware of what phishing
Brody, R., Mulig, E., and Kimball, V., “Phishing, Pharming and Identity Theft”
Grobler, M., “Phishing for fortune”
Jakobbson, M., “The Human Factor in Phishing”
Jakobbson, M. and Myers, S., “Phishing and Countermeasures: Understanding the Increasing Problem of Electronic Identity Theft” (2006)
Leung, Alvin C.M. and Bose, Indranil, "Indirect Financial Loss of Phishing to Global Market" (2008).
Raghav Rao, H. and Upadhyaya, S., “Information Assurance, Security, and Privacy Services” (2009)
Tygar, J. D., “Why Phishing Works” (2006).
Zhang, Y., Egelman, S., Cranor, L., and Hong, J., “Phinding Phish: Evaluating Anti-Phishing Tools”
Dear all,
As phishing is becoming a more and more serious problem, our team is trying to find out anti-measures to be taken on the issue.
In order to get an idea of how specific damage and what countermeasures could be
undertaken, we are launching a short survey.
We would be very grateful if you could take a few minutes to reply to the questions.
The individual answers will not be visible and the information will be treated as private and
confidential.
Many thanks for your help.
Kind regards,
Team We No Speak Americano
What is your age?
Gender?
----------
Anti-Phishing Survey
1) Are you aware of phishing activities? Yes / No
2) Do you think phishing is a serious problem?
(If you answered ‘Yes’, go to 2-1, If ‘No’, go to 3) Yes / No
2-1) Are you aware of the anti-phishing measures?
Yes / No
2-2) Do you believe that there are enough anti phishing systems?
Yes / No
3) Are you aware of i-pin?
(If you answered ‘yes’, go to 3-1, if ‘no’ go to 4)
Yes/No
3-1) If so, have you ever used i-pin to join a web site?
Yes/No
4) Regarding anti-phishing measures, which method would you prefer?
