A framework of anti‐phishing measures aimed at protecting the online consumer's identity

Abstract

PurposeThe purpose of this paper is to aim to educate the internet consumer, who may be a potential phishing victim, and to suggest a framework of anti‐phishing measures, following the staggering increase in the number of recent phishing attacks. Phishing describes a method of online identity theft, in which phishers typically pose as legitimate organisations when sending deceptive e‐mail messages to internet users. When they respond to such e‐mails, victims are lured to malicious web sites, where they are duped into disclosing their personal details. In this way, phishers are able to commit identity theft, with possibly devastating consequences for the victim.Design/methodology/approachAfter a literature review of the available sources, the phishing threat is investigated by analysing the modus operandi of phishers and the basic components of a typical phishing scheme. A possible solution for the phishing problem is examined.FindingsPhishers continually target the weakest link in the security chain, namely consumers, in their attacks. Educating the online consumer about phishing, as well as the implementation and proper application of anti‐phishing measures, are critical steps in protecting the identities of online consumers against e‐mail phishing attacks.Originality/valueThis article proposes measures that internet consumers can take to ward off phishing attacks, as well as remedial actions that they can take after falling victim to such an attack. By implementing these measures online, consumers can minimise the risk of becoming victims of successful phishing attacks, as well as remedy the negative effects of any past disclosure of information to phishers.