Phishing Attack on Credential Harvester (Google)

Haytham F. Dhaw; Alhadi A. Alajeili; Khalid M. Ajbrah; Abdesalam A. Almarimi; Mohammed A. Abdulsalam

doi:10.58916/jhas.v8i3.179

Phishing Attack on Credential Harvester (Google)

Haytham F. Dhaw 1Dept. of General Section/ Higher Institute of Medical Technology Baniwalid, Libya
Alhadi A. Alajeili Libyan Center for Engineering Research and information Technology, Baniwalid, Libya
Khalid M. Ajbrah Dept. of Computer Engineering & IT/ College of Electronic Technology Baniwalid, Libya
Abdesalam A. Almarimi Dept. of Computer Engineering & IT/ Higher Institute of Engineering Technologies Baniwalid, Libya
Mohammed A. Abdulsalam Libyan Center for Engineering Research and information Technology, Tripoly, Libya

https://doi.org/10.58916/jhas.v8i3.179

منشور: 2023-09-07

pdf (الإنجليزية)

58

44

الملخص

Abstract—Vulnerabilities and weaknesses of web applications are targeting by attackers. Therefore, penetration testing techniques are very important for building strategies which make the system is secure. This paper proposes a penetration testing model for phishing attack which is a common these days. The proposed model was implemented using the latest versions of VMware-machine, kali-Linux, and Windows 10. The Hiddeneye, Ngrok, and bitly tools were used. This was achieved by information gathering method. The obtained results of the phishing attack were identified and their appropriate countermeasures were defined.

الكلمات المفتاحية: Computer security Web security Ethical hacking

كيفية الاقتباس

Haytham F. Dhaw, Alhadi A. Alajeili, Khalid M. Ajbrah, Abdesalam A. Almarimi, & Mohammed A. Abdulsalam. (2023). Phishing Attack on Credential Harvester (Google). مجلة جامعة بني وليد للعلوم الإنسانية والتطبيقية, 8(3), 448-457. https://doi.org/10.58916/jhas.v8i3.179

تنزيل الاقتباسات

إصدار

مجلد 8 عدد 3 (2023): v8i32023

القسم

Article

الرخصة

هذا العمل مرخص بموجب Creative Commons Attribution 4.0 International License.

المراجع

1.

L. Irwin, "The 5 most common types of phishing attack," July.09.2019. Available: https://www.itgovernance.eu/blog/en/the-5-most-common-types-of-phishing-attack. [Accessed Dec.26.2019].

2.

H. Farag. and A. Almarimi, "Investigation of Threats for Common Network Attacks," In the Proceeding of LICTEE2019’02, Tripoli, Libya, Mar, 2019.

3.

Apwg, "Phishing Activity Trends Reports," Oct.26.2019. Available: https://apwg.org/trendsreports/. [Accessed: Dec.25.2019].

4.

Maria V. and other, "Spam and phishing in Q2 2019," Nov.26.2019. Available: https://securelist.com/spam-and-phishing-in-q2-2019/92379/ [Accessed: Dec.30.2019].

5.

Maria V. and other, "Spam and phishing in Q3 2019," Nov.26.2019. Available: https://securelist.com/spam-report-q3-2019/95177/ [Accessed: Dec.30.2019].

6.

S. Phirashisha, G. Mary, K. Ushamary, S. Bobby. "Phishing-An Analysis on the Types, Causes, Preventive Measuresand Case Studies in the Current Situation," Journal of Computer Engineering (IOSR), p-ISSN: 2278-8727, 2015, PP. 01-08.

7.

B. Jan-Willem, M. Lorena, J. Marianne, H. Pieter, "Spear phishing in organisations explained," Information and Computer Security. 25. 00-00. 10.1108/ICS-03-2017-0009, 2017, pp. 593-613.

8.

"Ngrok," Dec.3.2019. [online]. Available: https://ngrok.com/product. [Accessed: Dec.30.2019].

9.

B. Gupta, A. Nalin, P. Kostas. "Defending against Phishing Attacks: Taxonomy of Methods, Current Issues and Future Directions," Telecommunication Systems. 2017, 10.1007/s11235-017-0334-z.