English

Preventing Phishing Attacks using One Time Password and User Machine Identification

Cryptography and Security 2013-05-14 v1

Abstract

Phishing is a type of attack in which cyber criminals tricks the victims to steal their personal and financial data. It has become an organized criminal activity. Spoofed emails claiming to be from legitimate source are crafted in a way to lead victims to reveal their personal, financial data by misdirecting them to the counterfeit website. This research paper presents a novel approach to combat the Phishing attacks. An approach is proposed where user will retrieve the one time password by SMS or by alternate email address. After receiving the one time password the web server will create an encrypted token for the users computer or device for authentication. The encrypted token will be used for identification, any time user wishes to access the website he or she must request the new password. The one time password as name implies will expire after single use. The one time password and encrypted token is a smart way to tackle this problem.

Keywords

Cite

@article{arxiv.1305.2704,
  title  = {Preventing Phishing Attacks using One Time Password and User Machine Identification},
  author = {Ahmad Alamgir Khan},
  journal= {arXiv preprint arXiv:1305.2704},
  year   = {2013}
}

Comments

5 Pages, 8 Figures, Published with International Journal of Computer Applications 0975 8887 Volume 68 No.3, April 2013

R2 v1 2026-06-22T00:15:20.461Z