@article{1012,
  author = {Swapan Purkait},
  title = {Phishing Counter Measures and their Effectiveness: A Review},
  journal = {Journal of Information Technology Review},
  year = {2012},
  volume = {3},
  number = {4},
  doi = {},
  url = {http://www.dline.info/jitr/fulltext/v3n4/3.pdf},
  abstract = {Phishing is a social engineering crime on the Web. The rapid development and evolution of phishing techniques pose a big challenge for researchers in both academia and industry. The purpose of this study is to examine the available literature on Phishing and its countermeasures to determine how research has evolved in terms of quantity, content, and publication outlets. In addition, the paper identifies important trends in the literature on Phishing and its countermeasures and provides a view of the research gaps and expected topical areas of interest. This paper presents a comprehensive literature study of research conducted in this area, where 16 doctoral theses and 358 papers are analyzed in terms of research focus, empirical basis on Phishing and proposed countermeasures. We found that the current anti-phishing approaches that have seen significant deployments on the Internet can be classified into 8 groups. Our findings reveal that different approaches proposed in past are all preventive by nature. Phishers continually target the weakest link in the security chain, namely consumers, in their attacks. Various usability studies have demonstrated that neither server-side security indicators nor clientside toolbars and warnings are successful in preventing vulnerable users from being deceived. Educating the Internet users about phishing, as well as the implementation and proper application of anti-phishing measures, are critical steps in protecting the identities of online consumers against phishing attacks. Further research is required to evaluate the effectiveness of the available countermeasures against fresh phishing attacks. Also there is the need to find out the factors which influence Internet user’s ability to correctly indentify phishing websites.},
}