A Study on Phishing Tools and Frauds; Information Security and Challenges

Executive Summary

Phishing tools can be used as a threat to blackmail a person or a higher authority of a company. Fraudulent and fake links are all over the internet in the modern world. Clicking on malicious links can lead to a high-level security threat to a person, and identity theft is related to the problem. The following study gives a brief description of phishing tools and of which tools are commonly used by a hacker. Different types of phishing tools are discussed to enhance the study, along with the precautions a company takes to overcome such issues. The study also gives a brief discussion of the ICANN case and how the company recovers from malicious attacks. Companies create phishing awareness to prevent these issues. The topic is discussed in more detail in the following study.


A phishing tool is used for hacking and stealing different pieces of personal information. Hackers use these kinds of tools to steal information from a wireless device in order to blackmail a person. The main component of this process is Ghost Phisher, which is generally a wireless device and protected by Ethernet security. The attacking tool uses the Python programming language to access different devices without any disruption. The Python Qt GUI library is used to emulate different access points and deploy them into different domains. The tool covers a large area of the web and generally comes with a fake domain, fake DNS address, fake HTTP server, and fake DHCP server. The fake system is capable of a highly malicious attack on a computer or Wi-Fi-based device. The attacker tool captures the original server ID and replaces it with a new fake one. This leaves the user blind to the situation and unable to access the system. Recently the rate of hacking has increased sharply, and people must be aware of the situation to control these hackers.

The fake systems have full control over a user's system, and it can be accessed from any place in the world. The hacking system blocks the user's original HTTP and logs login credentials into a new database system. The process can also be used for DHCP and DNS requests. The main target of these attacking tools is to gain control over highly specific information of a country, which could lead to a possible national threat. The use of different access points leads to a constantly changing location, so the hacker is not easily traceable and continues to threaten a particular person. Supercomputers, highly secured companies, and intelligence agencies use this malware to gain pieces of information. Phishing is a crime and is generally referred to as identity theft. The hacker uses the information to defraud or scam a person, and it can also be used in an illegal manner.

Reviewing Literature

Different Types of Phishing Tools

Different phishing tools are used for hacking or sneaking into a person’s private life. Ghost Phisher is one of the main tools used in phishing; however, different components are included in these tools. Different characteristics of the attacking tool can lead to a highly rated malicious attack (Conti et al. 2018).

Features of Ghost Phisher:

  • HTTP Server
  • RFC 1035 DNS Server (Inbuilt)
  • RFC 2131 DHCP Server (Inbuilt)
  • Webpage Hosting
  • Credential Logger (Phishing)
  • WIFI Access Point Emulator
  • Session Hijacking (Include Ethernet and also Passive Mode)
  • Cache Poisoning ARP (MITM and DOS Attack)
  • Penetrate using Metasploit Bindings
  • SQLite Base Credential Login
  • Update Support
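
As a defender's view of two features in the list above (the built-in DHCP server and ARP cache poisoning), the following added example, which is not part of the original study or of Ghost Phisher, flags DHCP offers from servers outside an allow-list and IP addresses claimed by more than one MAC address. The log format, the `ALLOWED_DHCP` inventory and all addresses are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample events in a hypothetical "key=value" log format
# (not the output of any real tool).
SAMPLE_LOG = """\
10:00:01 DHCPOFFER server=192.168.1.1 mac=00:11:22:33:44:55 client=192.168.1.50
10:00:02 ARP ip=192.168.1.1 mac=00:11:22:33:44:55
10:04:10 DHCPOFFER server=192.168.1.1 mac=DE:AD:BE:EF:00:01 client=192.168.1.51
10:04:11 DHCPOFFER server=192.168.1.254 mac=de:ad:be:ef:00:01 client=192.168.1.52
10:04:15 ARP ip=192.168.1.1 mac=de:ad:be:ef:00:01
10:04:20 ARP ip=192.168.1.50 mac=66:77:88:99:aa:bb
"""

# Assumed inventory of legitimate DHCP servers: (server IP, MAC).
ALLOWED_DHCP = {("192.168.1.1", "00:11:22:33:44:55")}

KV = re.compile(r"(\w+)=(\S+)")

def parse(log):
    """Yield (timestamp, event_type, fields) for each well-formed line."""
    for line in log.splitlines():
        parts = line.split(None, 2)
        if len(parts) < 3:
            continue  # skip blank or malformed lines
        ts, kind, rest = parts
        # Lower-case so MAC addresses compare equal regardless of case.
        yield ts, kind, dict(KV.findall(rest.lower()))

def rogue_dhcp_offers(log, allowed):
    """Return offers whose (server IP, MAC) pair is not in the allow-list.

    Checking the pair, not just the IP, also catches a fake server that
    reuses the legitimate server's address from a different interface.
    """
    hits = []
    for ts, kind, f in parse(log):
        if kind == "DHCPOFFER" and "server" in f and "mac" in f:
            if (f["server"], f["mac"]) not in allowed:
                hits.append((ts, f["server"], f["mac"]))
    return hits

def arp_conflicts(log):
    """Return {ip: sorted MACs} for every IP claimed by more than one MAC."""
    seen = defaultdict(set)
    for _, kind, f in parse(log):
        if kind == "ARP" and "ip" in f and "mac" in f:
            seen[f["ip"]].add(f["mac"])
    return {ip: sorted(macs) for ip, macs in seen.items() if len(macs) > 1}

if __name__ == "__main__":
    for hit in rogue_dhcp_offers(SAMPLE_LOG, ALLOWED_DHCP):
        print("unlisted DHCP server:", *hit)
    for ip, macs in arp_conflicts(SAMPLE_LOG).items():
        print("ARP conflict:", ip, macs)
```
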

The hacking tools come in different variants and can be installed on any operating system. A Debian package installer is attached to the tool to connect to its core. Aircrack-ng, Python Scapy, Python Qt4, Python, Subversion, Xterm, and Metasploit Framework variants are used by a hacker during the hacking process (Abbasi et al. 2016).

SPF is also used as a toolkit during the hacking period. The term SPF refers to Speed Phish Framework. The system generally consists of an email phishing tool written in the Python language. Simple phishing can be done through this toolkit; social engineers use the tool for quick recon and deployment of malicious websites. The system has three different parts that work together as an attacker tool.

Fig 1: Features of a Ghost Phisher

(Source: created by the researcher)

Phishing Frenzy, Gophish, and toolkit Rebirth

Phishing Frenzy is an open source tool which is generally used to manage different complex phishing events. Penetration testers use this tool to protect important information in the email of a company or a person. The main intention of the project is to guide a person while providing as realistic a phishing campaign as possible. Frenzy offers a campaign management system, template reuse, and statistics generation. The tool is presented with an elegant front end which is easily adaptable for any company and leverages the Twitter Bootstrap CSS library. Different features have been added to the tool to improve its performance. Some of the new features are:

  • Website Cloning
  • Email Harvesting
  • Credential Harvesting
  • UID Tracking
  • Reporting and Analytics
  • Action Mailer
  • Dynamic Email
  • Preview Email
  • Template Sharing
  • Data Tables
  • Export XML
  • PDF Reports

Fig 2: Features of Phishing Frenzy

(Source: created by the researcher)

Gophish is also an open source phishing framework. The tool is used for straightforward phishing attacks in the real world (Abbasi et al. 2015). The main intention of the process is quite simple. The tool is available in the market for industry-grade training for everyone. The tool also has some specific features. Some of the features are:

  • One-Click Installation
  • Portable Binary
  • Static Assets
  • Click and Phishing
  • Excellent Web UI Design
  • Automatic Phishing Campaigns
  • RESTful API (JSON)
  • Automated Training
  • Open Source

The tool is new to the market, and the beta version of the tool is quite famous amongst people. A new timeline feature was added recently as a modification of the tool. Email tracking and email templating can now be done by the system. An error was always present when loading a new system; additional events are added to the system for further improvement. The TLS phishing server can now be accessed by a specified admin server of the system. Different UI programs are fixed in the tool, and it is now designed quite beautifully. A new function to transport CSV results is added to the tool to achieve a more user-friendly experience (Abdelhamid et al. 2017). [Refer to Appendix 1]

The toolkit Rebirth is an open source phishing toolkit and is generally used for educational purposes in higher computer education. The tool is mainly used as an anti-malicious tool to protect highly classified information. Different organizations spend a lot of money to protect their valuable information, and trained, professional computer experts are needed for this. The main motto of the system is to provide technical support to an organization. The system is based on a simple, single target link to bypass the most secure protection walls of a system. A simple click could solve all the problems, and the system is also user-friendly and easily handled by any person (Arachchilage and Cole, 2016). The toolkit is created to provide a simple and user-friendly framework to select the weakest links, which can then be patched. The system has been developed for about two years; previous versions were not that user-friendly, so the new version came with the name ‘Rebirth’. The software is quite useful and is continuously developed day to day by the system developers.

Some of the key features of the system are:

  • Template
  • Visual Editing
  • URL Shortener Support
  • Educational Tracking
  • Send SMTP via SSL
  • Displaying Inline Errors
  • Accurate Email Tracking Time
  • Browser Detection

Fig 3: Features of Rebirth

(Source: Created by the researcher)

The toolkit has specific system requirements: Apache, PHP, and MySQL are required to install the tool on the system.

SPF Master has these three components, and its system requirements are dnspython, Twisted, and PhantomJS.

The Case of ICANN

Recently a new hacking system was discovered by researchers: ICANN, which is a high-potential malicious attack, is an internet-based database system. This tool is used to pose a quite highly rated threat to a company or a person. The system consists of a root zone and has the highest authority to activate DNS requests. The term ‘ICANN’ refers to the Internet Corporation for Assigned Names and Numbers. The organization is responsible for identifying different databases of specific identifiers which relate to namespaces on the Internet. The system was recently hacked and compromised by hackers. Attackers had full access to the systems of the organization and threatened the employees by stealing personal information. A lot of the company’s secret information was stolen. The attack is a highly rated threat and caused a lot of problems for the organization (Arachchilage et al. 2016). A spear phishing attack was launched by hackers to control the company’s personal website. The main intention of the attack was to steal the employees’ user accounts and passwords and lead them to a blank space. Bank accounts and different social accounts related to their phone numbers were hacked, causing a terrible issue. Attackers gained access to the devices related to the mobile numbers of the employees (icann.org, 2019).

The Centralized Zone Data System (CZDS) went completely under the control of the hackers. The domain registration portal and different Wikipedia pages and blogs were completely removed from the company’s website by the hackers. The event was discovered by the company a week after the malicious attack. CZDS provided full access to the zone files of some of the world’s top generic domains. The hackers managed to wipe out all the information related to the system and the personal cloud belongings of the employees who are connected to the company’s website. The precious information included most of the world’s registries and registrars. A recovery email was sent to the users; however, the system had already been hacked. The attackers had full access to administrative files of the organization. Private information such as names, email addresses, phone numbers, postal addresses, and usernames went totally under the control of the hackers. Gigabytes of information were leaked on the web in the hack; the company described the situation as a highly specified hack and a next level of hacking. The root zone records were compromised, and changes were made in the company’s system to create a fake website under the same company’s domain name (Cui et al. 2017).

The problem was solved quite slowly; ICANN later provided different security enhancements to develop its entire security system. The intruders got full access to the files, and they tried to recover the data. The passwords of the users were stored as salted hash values rather than saved as plain text. The algorithm is still unknown, and it was confirmed that the attack did not harm any IANA system.

Separating Phishing from Genuine Emails

Internet security is the most common issue nowadays. Any kind of internet-based device can be hacked by any person without the user knowing. Internet-related issues can be solved if the user follows some early steps: secure the gateway of the web browser and upgrade the firewall system to the latest version. One of the most common issues in phishing is email phishing, in which different social engineering techniques are used to lure people towards the hacker. The main source of different high-level cyber attacks is the dark web. The website is full of crime and can be accessed by Onion or Tor Browser. Mocking is used in the process to lure people into losing private information and money. Free and low-cost toolkits can be used in phishing. A single tap or click on a fraudulent email or message can lead the user to lose personal information. Some of the emails may force the user to enter their name, address, and other personal data to access a page. Device security is the main thing a user can do to prevent hacking. Highly specified government agencies use this tool to keep an eye on societies. An anti-phishing scam process is used by organizations to prevent data stealing (Dobolyi and Abbasi, 2016).

Findings and Analysis of Different Metadata

Hackers are nearly untraceable in the world; not all hacks have the same level and the same potential. High-level hacks are quite dangerous for a particular person or company and end in the loss of credentials and private information. The ICANN attack is a great example of a high-level threat and can be discussed further. The hackers managed to access the private accounts of the people. Phishing attack rates have increased nowadays and have a huge impact on any kind of organization. Appropriate maintenance and cyber security are required to prevent damage from these problems (Misra et al. 2017). [Refer to Appendix 2]

The main resource of these attacks is the black market. The attacks can be highly rated and easily customized by a user without a lot of technical skill. Email is the main channel for delivering different phishing attacks. Malware is initially launched by the hacker against a particular system to start a malicious attack. Nowadays sophisticated email attachments and credible-looking emails are the main sources of email scams. Different phishing campaigns target 55% of employees for malicious attacks and make them victims of the attack. Different Java-based software can also be hacked by the intruders. The click-through rate on these malicious web mails is approximately 20%. The intruders use different techniques to lure the user towards the fake link provided. The main target of the hackers is to steal the precious information of an organization’s head and higher authorities, because they have access to highly important files of the organization (Oliveira et al. 2017).

The scamming process can be recovered from easily if the user follows some basic steps. The user must be careful about replying to spam links and must not provide personal information or passwords without knowing the company’s trust policy. A user must not provide any kind of bank or social-account information to unknown links. Sometimes copying the spam link into the web browser can navigate to spamming. The user must not open or download any attachments from a spam email, as this could lead to a highly rated malicious attack. Technology has improved different anti-malware programs and antivirus tools to prevent these problems (toolswatch.org, 2019).

Updating to the latest software version is always the best way to overcome such attacks. The hackers use VoiceOver technologies to replace their original caller ID with someone else’s. This is done by the attackers to hide their current location, and governments and organizations cannot trace the real caller ID of the hacker. Anti-phishing websites are developed by different organizations to prevent this damage. A user must file a complaint at the nearest police station if they are facing these kinds of threats or problems. The Federal Trade Commission has created a particular cyber crime law to prevent these malicious attacks (Shaikh et al. 2016).

Planning Management and Risks

Risks are always present when developing a process. In phishing, the risks generally lead to losing all private information and having it exploited on the internet. Different account passwords can be hacked in phishing. Clicking on eye-catching offer links can lead to phishing. Web addresses that include slashes are the main feature of web scamming. This can expose the user to a serious security threat. Financial loss is also a great risk in phishing. Large financial losses can lead the victim to personal information loss. Identity theft is also a huge risk in the process. A hacker can steal a person’s identity and use the identity for criminal acts. Credit card numbers and bank account passwords can be stolen by the hacker to threaten a person (arxiv.org, 2019).

Proper planning is required to trace a hacker and recover all the information. Different intelligence societies are created to solve these kinds of issues. The hacker is a quite clever person and not easy to find. A cyber victim must complain to the police if they are facing these cyber problems. Phishing awareness training is given at different organizations to prevent damage (isitphishing.org, 2019).

A few steps are required to overcome the basic stages of phishing. A user must keep important passwords as safe as they can. Never share bank account details with an unknown person, and do not give them the related passwords. Clicking only on trusted email links and visiting trusted websites can prevent damage from phishing. A user must protect their internet-based devices with proper anti-scam programs and antivirus tools. Wi-Fi-related devices can easily be hacked. Continuously changing passwords during the year will keep the user’s information safe. A specific email reading tool can be used by the user to prevent such issues. A person must not share personal information with an unknown person on social media sites, as this could lead to a malicious attack (prints.hud.ac.uk, 2019).

Development of Computerized Solutions

Success with new technology is quite necessary for a company to grow its business. Software development in a company is nowadays hugely required to prevent phishing. Specific design-based systems are created by different software companies to prevent the loss of private and precious information about an organization. An information system tool is created by different organizations to provide extra security to software systems. Data mining techniques are applied to enhance the process (darknet.org.uk, 2019).

Computer Aided Design and Computer Aided Manufacturing are also developed by companies to take extra caution in the process. A company’s supporting system is also changed properly and must be handled by an expert. Artificial Intelligence is created to withstand these kinds of hacking-related issues. A proper investigation is conducted by a person or a company to find the gaps through which the systems can be hacked. Proper implementation and system acquisition must be developed by a company to prevent hacking damage. System maintenance and upgrading must be done properly and checked regularly to overcome such issues (researchgate.net, 2019).


A person or a company can get scammed at any time in the modern world; however, these incidents can be reduced so that users can interact freely with each other. Different precautions are taken to prevent damage. Different types of fake and fraudulent websites and links are available on the market. A person must contact someone for help instead of letting the problem grow. A scam can affect a company in a negative way and could lead to ruin. Staying one step ahead is the best option to prevent hacking. Appropriate arrangement of passwords and proper safety of private information can reduce the chance of hacking. Different consumer help organizations are created to help with these problems. Cybercrime is a huge threat in modern society and can lead the user to a possible loss of private information. Nowadays anti-phishing training is given to employees to prevent early damage. Web browsers must be updated to the latest version to withstand the issue. The methods may be safe; however, a person should always prioritize safety in the first place. Phishing is a common problem nowadays and can be solved by preparing an appropriate strategy.