Phishing Attack on Credential Harvester (Google)

  • Haytham F. Dhaw 1Dept. of General Section/ Higher Institute of Medical Technology Baniwalid, Libya
  • Alhadi A. Alajeili Libyan Center for Engineering Research and information Technology, Baniwalid, Libya
  • Khalid M. Ajbrah Dept. of Computer Engineering & IT/ College of Electronic Technology Baniwalid, Libya
  • Abdesalam A. Almarimi Dept. of Computer Engineering & IT/ Higher Institute of Engineering Technologies Baniwalid, Libya
  • Mohammed A. Abdulsalam Libyan Center for Engineering Research and information Technology, Tripoly, Libya
DOI https://doi.org/10.58916/jhas.v8i3.179
Published: 2023-09-07
pdf
58
44

Abstract

Abstract—Vulnerabilities and weaknesses of web applications are targeting by attackers. Therefore, penetration testing techniques are very important for building strategies which make the system is secure. This paper proposes a penetration testing model for phishing attack which is a common these days. The proposed model was implemented using the latest versions of VMware-machine, kali-Linux, and Windows 10. The Hiddeneye, Ngrok, and bitly tools were used. This was achieved by information gathering method. The obtained results of the phishing attack were identified and their appropriate countermeasures were defined.

Keywords: Computer security Web security Ethical hacking

How to Cite

Haytham F. Dhaw, Alhadi A. Alajeili, Khalid M. Ajbrah, Abdesalam A. Almarimi, & Mohammed A. Abdulsalam. (2023). Phishing Attack on Credential Harvester (Google). Bani Waleed University Journal of Humanities and Applied Sciences, 8(3), 448-457. https://doi.org/10.58916/jhas.v8i3.179
Crossref
Scopus
Google Scholar
Europe PMC

Issue

Vol. 8 No. 3 (2023): v8i32023

Section

Articles

License

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

References

1.
L. Irwin, "The 5 most common types of phishing attack," July.09.2019. Available: https://www.itgovernance.eu/blog/en/the-5-most-common-types-of-phishing-attack. [Accessed Dec.26.2019].
2.
H. Farag. and A. Almarimi, "Investigation of Threats for Common Network Attacks," In the Proceeding of LICTEE2019’02, Tripoli, Libya, Mar, 2019.
3.
Apwg, "Phishing Activity Trends Reports," Oct.26.2019. Available: https://apwg.org/trendsreports/. [Accessed: Dec.25.2019].
4.
Maria V. and other, "Spam and phishing in Q2 2019," Nov.26.2019. Available: https://securelist.com/spam-and-phishing-in-q2-2019/92379/ [Accessed: Dec.30.2019].
5.
Maria V. and other, "Spam and phishing in Q3 2019," Nov.26.2019. Available: https://securelist.com/spam-report-q3-2019/95177/ [Accessed: Dec.30.2019].
6.
S. Phirashisha, G. Mary, K. Ushamary, S. Bobby. "Phishing-An Analysis on the Types, Causes, Preventive Measuresand Case Studies in the Current Situation," Journal of Computer Engineering (IOSR), p-ISSN: 2278-8727, 2015, PP. 01-08.
7.
B. Jan-Willem, M. Lorena, J. Marianne, H. Pieter, "Spear phishing in organisations explained," Information and Computer Security. 25. 00-00. 10.1108/ICS-03-2017-0009, 2017, pp. 593-613.
8.
"Ngrok," Dec.3.2019. [online]. Available: https://ngrok.com/product. [Accessed: Dec.30.2019].
9.
B. Gupta, A. Nalin, P. Kostas. "Defending against Phishing Attacks: Taxonomy of Methods, Current Issues and Future Directions," Telecommunication Systems. 2017, 10.1007/s11235-017-0334-z.

Similar Articles

1-10 of 52

You may also start an advanced similarity search for this article.