Theses and Dissertations

Issuing Body

Mississippi State University


Vaughn, B. Rayford

Committee Member

Dampier, A. David

Committee Member

Ramkumar, Mahalingham

Date of Degree


Document Type

Graduate Thesis - Open Access


Computer Science and Engineering

Degree Name

Master of Science


James Worth Bagley College of Engineering


Department of Computer Science and Engineering


Phishing is the use of social engineering and electronic communications such as emails to try and illicit sensitive information such as usernames, passwords, and financial information. This form of identity theft has become a rampant problem in today’s society. Phishing attacks have cost financial institutions millions of dollars per year and continue to do so. Today’s defense against phishing attacks primarily consists of trying to take down the phishing web site as quickly as possible before it can claim too many victims. This thesis demonstrates that is possible to track down a phisher to the IP address of the phisher’s workstation rather than innocent machines used as intermediaries. By using web bugs and honeytokens on the fake web site forms the phisher presents, one can log accesses to the web bugs by the phisher when the attacker views the results of the forms.