Designing an Intelligent User Interface for Preventing Phishing Attacks

Abstract

Most phishing sites are simply copies of real sites with slight features distorted or in some cases masqueraded. This property of phishing sites has made them difficult for humans and various anti-phishing techniques to detect. Also, the attacker community has proved itself able to quickly adapt to anti-phishing measures, mainly warning messages to help limit the effectiveness of phishing attacks and protect unsuspecting users. Despite the notable advances made in the last years by the active warning messages for phishing, this attack remains one of the most effective. In this paper we propose an intelligent warning message mechanism, that might limit the effectiveness of phishing attacks and that might increase the user awareness about related risks. It implements an intelligent behavior that, besides warning the users that a phishing attack is occurring, explains why the specific suspect site can be fraudulent.