Title: Behind Identity Theft and Fraud in Cyberspace: The Current Landscape of Phishing Vectors

Issue Number: Vol. 3, No. 1
Year of Publication: Apr - 2014
Page Numbers: 72-83
Authors: Thomas Nagunwa
Journal Name: International Journal of Cyber-Security and Digital Forensics (IJCSDF)
- Hong Kong
DOI:  http://dx.doi.org/10.17781/P001287


Increased consumer anti-phishing awareness and improved anti-spam technologies has gradually reduced the impact of traditional phishing spams in recent years. To keep up their game in a multi-billion dollar cybercrime industry, hackers have been continuously innovative in developing polymorphic phishing channels. Spear phishing, malware, search engines poisoning, use of rogue Secure Socket Layer (SSL) certificates, mobile and social media attacks are among the modern and prominent channels for phishing attacks today. This paper examines today’s most adopted phishing vectors by cybercriminals as observed by security vendors, security analysts and anti-phishing campaigners. Learning the current landscape of these vectors is a key step in developing effective technological, social and legal devices to mitigate the impacts of these threats across the globe. The paper concludes that almost of all today’s phishing attacks begin with spear phishing. Phishers focus more their attacks towards small and medium enterprises. Malware toolkits are the key player in all major attacks. Mobile and social media attacks have rapidly grown recently and promise to be the future of phishing.