Research of influence technologies and methods of countering fishing

Authors

  • Дмитро Борисович Мехед Chernihiv National University of Technology
  • Юлія Миколаївна Ткач Chernihiv National University of Technology
  • Володимир Маркович Базилевич Chernihiv National University of Technology

DOI:

https://doi.org/10.18372/2410-7840.21.14338

Keywords:

information security, social engineering, phishing, information security tools

Abstract

An increasing number of information security attacks that have occurred in the last year could have been prevented. Digitalization continues to be one of the main trends in modern business, which entails the use of both proven and latest information technologies in all sectors. Information security experts around the world are continuously fighting cybercrime. This makes the attackers perfect their tools. At the beginning of last year, cyber attacks became a test for many organizations in various sectors of the economy. Many events in the field of information security could be prevented. The largescale and fast digitalization of all spheres of life and business that we are currently observing is based on the use of a mass of information technologies (both already proven and credible, as well as the latest). However, as practice shows, even security technologies that have been used for years have not been resolved. A cyber attack on a company with a well-organized defense system requires special knowledge and tools, as well as high financial and time costs. Multistage, carefully planned and organized cyber attacks aimed at a specific industry or specific, usually large, companies are called advanced persistent threats. The article analyzes the current threats to information security and makes a forecast of the main directions of cyber attacks in the future. Among the existing threats to information security, for several consecutive years, the leading position has been occupied by methods of social engineering. Cybercriminals continue to invent new methods of influencing users that would allow them to infect the target system with malware, steal money or gain access to confidential information. Phishing can take many forms and can be achieved using a variety of tools and techniques. During the analysis, the authors identified the most common tools and methods that are used to conduct phishing attacks. The analysis made it possible to formulate the necessary measures in order to reduce the number of successful phishing attacks. This is not an exhaustive list of possible actions, but a minimal set that will make it impossible to implement much of the social engineering toolkit.

Author Biographies

Дмитро Борисович Мехед, Chernihiv National University of Technology

PhD, associate professor of the Department of Cybersecurity and Mathematical Simulation, Chernihiv National University of Technology

Юлія Миколаївна Ткач, Chernihiv National University of Technology

Doctor of Pedagogical Science, associate professor, Head of the Department of Cybersecurity and Mathematical Simulation, Chernihiv National University of Technology

Володимир Маркович Базилевич, Chernihiv National University of Technology

PhD, associate professor of information and computer system department, Chernihiv National University of Technology

References

А. Камалян, С. Кульов, К. Назаренко, Комп'ютерні

мережі та засоби захисту інформації: навчальний посібник, Воронеж: (ВДАУ), 2003, 119 с

Концепція технічного захисту інформації в галузі

зв’язку України. [Електронний ресурс]. Режим доступу: http://zakon1.rada.gov.ua.

Концепція технічного захисту інформації в галузі

зв’язку України. [Електронний ресурс]. - Режим

доступу: http:// zakon5. rada. gov. ua/ laws/ show/

-97-%D0%BF.

А. Корченко, Е. Иванченко, С. Казмирчук, "Анализ и определение понятия риска для его интерпретации в области информационной безопасности", Защита информации, №3, 2010.

О. Корченко, Системи захисту інформації: Монографія, К.: НАУ, 2004, 264 с.

М. Тардаскін, Технічний захист комерційної таємниці

підприємства зв’язку: навч. посіб.; за ред. М.В. Захарченко, М.Ф. Тардаскін, В.Г. Кононович, Одеса:

ОНАЗ, 2002, 76 с.

Тотальна війна і комп'ютерний soft, як її головний

інструмент. [Електронний ресурс]. Режим доступу: https://zillya.ua/totalna-viina-i-kompyuterniisoft-yak-golovnii-instrument

Фішинг: що це таке і як себе убезпечити? [Електронний ресурс]. Режим доступу: https://zillya.ua/

fishing-shcho-tse-take-i-yak-sebe-ubezpechiti.

Фішинг: як не стати жертвою шахрайського сайту.

[Електронний ресурс]. Режим доступу: https://

gazeta.ua/articles/ema/_fishing-yak-ne-stati-zhertvo

yu-shahrajskogo-sajtu/750605.

Downloads

Published

2019-12-27

Issue

Vol. 21 No. 4 (2019)

Section

Articles

License

Authors who publish with this journal agree to the following terms:

  1. Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.

  2. Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.

  3. Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).