| dc.description.abstract | Despite the availability of advanced security software and hardware mechanisms, there
persists a breach in the defense system of every organization or individual, which is called
Social Engineering. This kind of attack mostly targets private users, the most vulnerable
segment of all. The purpose of this action is to collect sensitive information by manipulating
human psychological behaviors. Social engineering attacks are also difficult to defend because
these attacks are not easily detected by available security methods.
Social engineering attacks come in many different forms and can be performed
anywhere where human interaction is involved, some of the regular forms are phishing, baiting,
pretexting, vishing, etc. Among these types of attacks, phishing is the most commonly used for
its effectiveness. According to Kaspersky, Vietnam suffers the most phishing attacks on small
businesses in Southeast Asia [1].
In this thesis, we will study social engineering attacks with a discussion about phishing,
how they happened, and some ways to recognize them. At the same time, we offer a possible
solution based on the analysis of malicious URLs like creating a Google extension plug-in and
some URL testing APIs. The results show that this can help to improve capabilities
significantly in terms of detecting malicious URLs. In the future, the system can be upgraded
into one that can be considered an optimal and user-friendly solution to detect malicious URLs. | en_US |
