Abstract
One of the latest computer-related problems to arise is phishing, which is the criminally fraudulent process in which e-mails lure unsuspecting victims into giving up user names, passwords, Social Security numbers, and account information after linking to counterfeit bank, credit card, and e-commerce Web sites. Phishers are mainly targeting the customers of banks and online payment services. It is so pervasive that even corporate and government sites are actively informing the users on this issue. This paper presents a solution, which aims to protect users against email phishing attacks. Main key words which are used are a user ID and password, and the other is an authenticating question. An e-mail that a bank sends to user contains some image and preselected question which the phisher couldn’t have, that the user chose when setting up the account. This proves to the user that the e-mail came from the bank or business, not a phisher, and that it is safe to use the provided link. The user is asked to provide his ID and the bank checks if the ID is valid or not. If the ID is valid, the user is asked to load the image which has been mailed and answer his preselected question along with a request for their logon password. After receiving the correct password, user is allowed to access the Web site.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Microsoft. Anti-Phishing Technologies (2005), http://www.microsoft.com
Microsoft. Browser Helper Objects: The Browser the Way You Want It (2005), http://msdn.microsoft.com
Microsoft. Sender ID Framework Overview (2005), http://www.microsoft.com
Anti-Phishing Working Group
CRM Today. Financial Insights Evaluates Impact of Phishing on Retail Financial Institutions Worldwide, CRM Today, July 15 (2004)
Cranor, L., Egelman, S., Hong, J., Zhang, Y.: Phinding phish: An evaluation of anti-phishing toolbars. Technical report, Carnegie Mellon University (November 2006)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Devarakonda, A.K., Tummala, P., Sandrala, I.P. (2010). Security Solutions to the Phishing: Transactions Based on Security Questions and Image. In: Das, V.V., et al. Information Processing and Management. BAIP 2010. Communications in Computer and Information Science, vol 70. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-12214-9_101
Download citation
DOI: https://doi.org/10.1007/978-3-642-12214-9_101
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-12213-2
Online ISBN: 978-3-642-12214-9
eBook Packages: Computer ScienceComputer Science (R0)