WEB PHISING ATTACK ANALYSIS ON E-COMMERCE SERVICE USING NETWORK FORENSIC PROCESS METHOD

Abstract

The internet provides around the world facilities to reach customers without market restrictions, including e-commerce. As a result, the number of customers who depend on the Internet for purchases has increased dramatically. Potential cybercrime attacks such as phishing are criminal activities that attempt to obtain illegally sensitive information. The sensitive information can be in the form of a username, password, and credit card details. Then it is necessary to analyze the non-volatile data obtained in real and sourced from a Facebook forum. Data acquisition techniques use forensic live network data processing using Network Protocol Analyzer tools, namely Wireshark. The results of the investigation and analysis are summarized in the form of the table. The success of the investigation can be found in the source of the attack in the form of IP Address, URL phishing, DNS protocol, IMAP, username, password, FTP, SMTP, and HTTP. The analysis provides recommendations on how to avoid web phishing attacks.