Vaughn, B. Rayford
Dampier, A. David
Date of Degree
Graduate Thesis - Open Access
Master of Science
James Worth Bagley College of Engineering
Department of Computer Science and Engineering
Phishing is the use of social engineering and electronic communications such as emails to try and illicit sensitive information such as usernames, passwords, and financial information. This form of identity theft has become a rampant problem in today’s society. Phishing attacks have cost financial institutions millions of dollars per year and continue to do so. Today’s defense against phishing attacks primarily consists of trying to take down the phishing web site as quickly as possible before it can claim too many victims. This thesis demonstrates that is possible to track down a phisher to the IP address of the phisher’s workstation rather than innocent machines used as intermediaries. By using web bugs and honeytokens on the fake web site forms the phisher presents, one can log accesses to the web bugs by the phisher when the attacker views the results of the forms.
McRae, Craig Michael, "Using Web bugs and honeytokens to investigate the source of phishing attacks" (2008). Theses and Dissertations MSU. 4918.