Method and System for Preventing Phishing Attacks
Abstract
A method, system and program product for preventing phishing attacks, wherein the method comprises: acquiring links in a Web page; classifying the acquired links according link types; and determining whether a phishing attack exists according to the classified links, wherein the links are classified into two types: internal links belonging to the same domain as the address of the Web page, and external links belonging to a different domain from the address of the Web page. By carrying out the method or system according to the above one or more embodiments of the present disclosure, since it is first detected whether a Web page is a fake website of a phishing attack before displaying the reproduced Web page to the user and the user is warned upon detecting a fake website, unnecessary losses due to phishing attacks can be prevented.
Claims
exact text as granted — not AI-modified1 - 9 . (canceled)
10 . A system for preventing phishing attacks, comprising:
an acquiring component configured to acquire links in a Web page; a classifying component configured to classify the acquired links according to link types to form classified links; and a determining component configured to determine whether a phishing attack exists according to the classified links, wherein the acquired links are classified into two types: internal links belonging to a same domain as an address of the Web page, and external links belonging to a different domain from the address of the Web page.
11 . The system of claim 10 , further comprising:
a calculating component configured to calculate a percentage of links of a respective type in a total number of the links; and a comparing component configured to compare the calculated percentage of links of a respective type in the total number of links with a preset threshold, wherein the determining component determines whether a phishing attack exists using the comparison result.
12 . The system of claim 11 , further comprising:
a warning component configured to warn the user of a possible phishing attack in response to the comparison result indicating that the internal links are less than the preset threshold.
13 . The system of claim 11 , further comprising:
a displaying component configured to display the Web page to a user in response to the comparison result indicating that the internal links are not less than the preset threshold.
14 . The system of claim 11 , further comprising:
a warning component configured to warn of a possible phishing attack in response to the comparison result indicating that the external links are not less than the preset threshold.
15 . The system of claim 11 , further comprising:
a displaying component configured to display the Web page to a user in response to the comparison result indicating that the external links are less than the preset threshold.
16 . The system of claim 10 , wherein the acquiring component is further configured to acquire the links in the Web page by scanning source code of the Web page.
17 . The system of claim 10 , wherein certain of the links belonging to a same company are of an identical type.
18 . A computer program product comprising a tangible computer readable storage device having program code stored thereon that is operable, when executed by a data processor, for performing steps of:
acquiring links in a Web page; classifying the acquired links according to link types to form classified links; and determining whether a phishing attack exists according to the classified links, wherein the acquired links are classified into two types: internal links belonging to a same domain as an address of the Web page, and external links belonging to a different domain from the address of the Web page.
19 . The computer program product of claim 18 , wherein the step of determining whether a phishing attack exists according to the classified links comprises:
calculating a percentage of links of a respective type in a total number of the links; comparing the calculated percentage of links of the respective type in the total number of links with a preset threshold; and determining whether a phishing attack exists using the comparison result.
20 . The computer program product of claim 19 , wherein the step of determining whether a phishing attack exists using the comparison result comprises:
warning a user of a possible phishing attack in response to the comparison result indicating that the internal links are less than the preset threshold.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.