Preventing phishing attacks using text and image watermarking

摘要

Phishing is a form of identity theft used to illegally gather personal and financial information by providing fake web pages designed to mimic the website of a legitimate business. In this paper, wepropose a novel anti-phishing approach based on using imperceptible watermarking andmonitoring the HTTP requests. In the server-side, a URL dependent watermark is generated and embeddedin the elements of theweb page, which are logo image andHTML/CSS files. In the client side, toauthenticate thewebsiteandcheck its safety, thewatermarkis regeneratedandcompared with the extracted watermarks from the elements of the webpage. Security analysis of the proposed method demonstrates its robustness against some commonattacks. The proposed method performs fully automatically andwithout user interaction. It can be simply implemented and used for all kinds of websites, either secured or not secured with SSL protocol.