Uncovering Flaws in Anti-Phishing Blacklists for Phishing Websites Using Novel Cloaking Techniques

Wenhao Li; Wenhao Li; Yongqing He; Zhimin Wang; Saleh Alqahtani; Priyadarsi Nanda

doi:10.5220/0012135600003555

Uncovering Flaws in Anti-Phishing Blacklists for Phishing Websites Using Novel Cloaking Techniques

Wenhao Li, Wenhao Li, Yongqing He, Zhimin Wang, Saleh Alqahtani, Priyadarsi Nanda

2023

Abstract

The proliferation of phishing attacks pose substantial threats to global prosperity amidst the Fourth Industrial Revolution. Given the burgeoning number of Internet users and devices, cyber criminals are harnessing phishing toolkits and Phishing-as-a-Service (PhaaS) platforms to spawn numerous fraudulent websites. In retaliation, assorted detection mechanisms, with anti-phishing blacklists acting as a primary line of defense against phishing sites, have been proposed. Yet, adversaries have contrived cloaking techniques to dodge this detection method. This study endeavors to unearth the shortcomings of prevailing blacklists and thereby bolster the efficacy of detection strategies for Anti-Phishing Entities (APEs). This paper presents an exhaustive analysis of innovative and practicable attacks on current anti-phishing blacklists, unmasking potential weaknesses in these protection mechanisms hitherto unexplored in prior research. Additionally, we divulge potential loopholes exploitable by attackers and appraise their effectiveness against popular browser blacklists.

Download

Paper Citation

in Harvard Style

Li W., He Y., Wang Z., Alqahtani S. and Nanda P. (2023). Uncovering Flaws in Anti-Phishing Blacklists for Phishing Websites Using Novel Cloaking Techniques. In Proceedings of the 20th International Conference on Security and Cryptography - Volume 1: SECRYPT; ISBN 978-989-758-666-8, SciTePress, pages 813-821. DOI: 10.5220/0012135600003555

in Bibtex Style

@conference{secrypt23,
author={Wenhao Li and Yongqing He and Zhimin Wang and Saleh Alqahtani and Priyadarsi Nanda},
title={Uncovering Flaws in Anti-Phishing Blacklists for Phishing Websites Using Novel Cloaking Techniques},
booktitle={Proceedings of the 20th International Conference on Security and Cryptography - Volume 1: SECRYPT},
year={2023},
pages={813-821},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0012135600003555},
isbn={978-989-758-666-8},
}

in EndNote Style

TY - CONF

JO - Proceedings of the 20th International Conference on Security and Cryptography - Volume 1: SECRYPT
TI - Uncovering Flaws in Anti-Phishing Blacklists for Phishing Websites Using Novel Cloaking Techniques
SN - 978-989-758-666-8
AU - Li W.
AU - He Y.
AU - Wang Z.
AU - Alqahtani S.
AU - Nanda P.
PY - 2023
SP - 813
EP - 821
DO - 10.5220/0012135600003555
PB - SciTePress