Website Forgery: Understanding Phishing Attacks and Nontechnical Countermeasures

Abstract

Website Forgery is a type of web based attack where the phisher builds a website that is completely independent or a replica of a legitimate website, with the goal of deceiving a user by extracting information that could be used to defraud or launch other attacks upon the victim. In this paper we attempt to identify the different types of website forgery, phishing attacks, and non-technical countermeasure that could be used by users, (mostly by non-IT users) that lack the understanding of how phishing attack works and how they can prevent themselves from these criminals.