- 강연 제목
Understanding the Underbelly of Phishing Attacks
- 강연 요약
Phishing is a critical threat to Internet users. Despite extensive research by the security community, phishing attacks remain profitable to attackers and continue to cause substantial damage not only to the victim users that they target, but also the organizations they impersonate. In recent years, phishing websites have taken the place of malware websites as the most prevalent web-based threat. Even though technical countermeasures effectively mitigate web-based malware, phishing websites continue to grow in sophistication and successfully slip past modern defenses. In a cat-and-mouse game with the anti-phishing ecosystem, sophisticated phishing websites implement evasion techniques to delay or avoid detection by automated anti-phishing systems, which, in turn, maximizes the attackers return-on-investment. Thwarting phishers evasion efforts is, thus, an important problem within the anti-phishing community, as timely detection is the key to successful mitigation.