Introduction

• Phishing costs Internet users billions of dollars per year. It refers to

luring techniques used by identity thieves to fish for personal
information in a pond of unsuspecting internet users. Phishers use
spoofed e-mail, phishing software to steal personal information
and financial account details such as usernames and passwords.
• Phishing is a criminal mechanism employing both social
engineering and technical tricks to steal consumers’ personal
identity data and financial account credentials. Social engineering
schemes use spoofed e-mails, purporting to be from legitimate
businesses and agencies, designed to lead consumers to
counterfeit websites that trick recipients into divulging financial
data such as usernames and passwords. Technical subterfuge
schemes install malicious software onto computers, to steal
credentials directly, often using systems to intercept consumers’
online account user names and passwords
 A technique of phising attack
• The criminals, who want to obtain sensitive data, first create
unauthorized replicas of a real website and e-mail, usually from a
financial institution or another company that deals with financial
information. The e-mail will be created using logos and slogans of
a legitimate company. The nature and format of Hypertext Mark-
up Language makes it very easy to copy images or even an entire
website. While this ease of website creation is one of the reasons
that the Internet has grown so rapidly as a communication
medium, it also permits the abuse of trademarks, trade names,
and other corporate identifiers upon which consumers have come
to rely as mechanisms for authentication. Phisher then send the
"spoofed" e-mails to as many people as possible in an attempt to
lure them in to the scheme. When these e-mails are opened or
when a link in the mail is clicked, the consumers are redirected to
a spoofed website, appearing to be from the legitimate entity.
 Advantages

• This system can be used by many E-commerce or

other websites in order to have good customer
relationship.
• User can make online payment securely.
• Data mining algorithm used in this system provides
better performance as compared to other traditional
classifications algorithms.
• With the help of this system user can also purchase
products online without any hesitation.
 Disadvantage
• If Internet connection fails, this system won’t
work.
• All websites related data will be stored in one
place.
 Conclusion
• Phishing is a way to obtain user’s private information via email or
website. As usage of internet is very vast, almost all things are
available online now it is either about shopping cloths, electronic
gadgets, crockery or to payment of mobile, TV & electricity bill.
Rather than standing out in line for hours, people are being aware
of using online method. Due to this phisher has wide scope to
implement phishing scam. As there is lot of research work done in
this area, there is not any single technique, which is enough to
detect all types of phishing attack. As technology increases,
phishing attackers using new methods day by day. This enables
us to find effective classifier to detection of phishing.
• In this paper, we performed detailed literature survey about
phishing website detection .According to this, we can say tree-
based classifiers in machine learning approach is best suitable
than other.
 References
• [1] Phishing definition, https://en.wikipedia.org/wiki/Phishing
• [2] APWG
Report1,http://docs.apwg.org/reports/apwg_trends_report_q2_2
018.pdf
• [3] APWG
report2,http://docs.apwg.org/reports/apwg_trends_report_q1_2
018.pdf
• [4] Phishing dataset,
https://www.phishtank.com/developer_info.php
• [5] J. Han and M. Kamber, Data Mining Concepts and
Techniques, Elsevier, 2006.
• [6] Routhu Srinivasa Rao1 , Alwyn Roshan Pais : Detection of
phishing websites using an efficient feature-based machine
learning framework :In Springer 2018.