Understanding Phishing and Phishing Techniques in Client-Side Web-Based Systems

As auspicious as the technology is, the bane of the internet has always been the constant threats of online identity theft and other forms of fraud prevalent on the information highway. Phishing is a form of internet fraud in which emails and websites that are purportedly from legitimate organisations and agencies are used to deceive users into disclosing personal or financial information. Despite the plethora of anti-spam filters that are readily available today, phishing emails are still able to bypass such measures and find their ways into users’ inboxes. This challenge at the client side of the web-based infrastructure is prevalent as clients are at varying levels of usage and knowledge of internet infrastructure. This paper takes a look at the phishing scenario by examining why it works. We provide extensive insights into extant literature in the subject domain as a basis for the development of tools to mitigate phishing and assisting users understand phishing attacks. Keyword: Phishing, computing, clients, web systems, internet, security, fraud and filters.