A Framework to Protect Against Phishing Attacks

Phishing is a social engineering attack which aims to manipulate people and encourage them to expose their confidential information. The most common methods and techniques used for phishing are emails, chats or websites. Furthermore, there are various types of phishing attacks, for instance, spear-phishing and smishing. Many solutions have been proposed to prevent and detect phishing attacks such as users' awareness methods and detection tools. However, phishing still on the top of attacks with a high number of victims. One of the main reasons is the lack of users' knowledge. This could have more severe effects on Arabic users as most of the proposed mitigation solutions have not considered Arabic users. Furthermore, there is an enormous lack of knowledge in computing and security. It is highly likely that they can be victimized using social engineering attacks. This paper presents a framework to protect against phishing attacks by enhancing the users' awareness to detect phishing attacks. The proposed framework has two major components, which are animation videos for training awareness and gamification part to assess the delivered knowledge.