FORENSIC ANALYSIS OF PHISHING ATTACKS: INVESTIGATIVE APPROACH

  • Quido Conferti Kainde Informatics Engineering, Engineering Faculty, Universitas Negeri Manado, Indonesia
  • Josua Setdefit Tambanaung Informatics Engineering, Engineering Faculty, Universitas Negeri Manado, Indonesia
  • Valent Tio Inkiriwang Informatics Engineering, Engineering Faculty, Universitas Negeri Manado, Indonesia
  • Alexandra Anrala Putri Mile Informatics Engineering, Engineering Faculty, Universitas Negeri Manado, Indonesia
DOI: https://doi.org/10.52436/1.jutif.2024.5.4.2294
Keywords: Forensic Analysis, Forensic Investigation, Phishing Attack

Abstract

Phishing attacks continue to pose a significant threat to cybersecurity, with perpetrators becoming increasingly sophisticated in crafting convincing fraudulent methods. This article examines the forensic analysis process used to effectively investigate phishing attacks. Through a review of existing literature, the author understands the workings of phishing and analyzes real cases that have occurred, followed by data collection using secondary sources. Using theories and insights gained from literature studies, the author analyzes and identifies important aspects of the conducted research data. A content analysis method is employed to analyze the data, determining the steps for prevention and investigation of phishing attacks. In this analysis, thematic and textual methods are applied to gather crucial components of a phishing attack. The analysis results indicate that forensic approaches and a deep understanding of phishing mechanisms can help protect data and significantly reduce the impact of phishing attacks. This article concludes by providing practical recommendations to enhance readiness in facing future phishing attacks.

Downloads

Download data is not yet available.

References

Z. Alkhalil, C. Hewage, L. Nawaf, and I. Khan, “Phishing Attacks: A Recent Comprehensive Study and a New Anatomy,” Frontiers in Computer Science, vol. 3, pp. 1–23, Mar. 2021, doi: 10.3389/fcomp.2021.563060.

P. Sari and T. Sutabri, “Analisis kejahatan online phising pada institusi pemerintah/pendidik sehari-hari,” Jurnal Digital Teknologi Informasi, vol. 6, no. 1, p. 29, Mar. 2023, doi: 10.32502/digital.v6i1.5620.

H. Ahmadian and A. Sabri, “TEKNIK PENYERANGAN PHISHING PADA SOCIAL ENGINEERING MENGGUNAKAN SET DAN PENCEGAHANNYA,” Djtechno : Journal of Information Technology Research, vol. 2, no. 1, pp. 13–20, Jul. 2021, ISSN: 2745-375.

A. Ali, S. Khayati, and S. L. Fatmawati, “Perlindungan Hukum Terhadap Data Pribadi Nasabah Debitur Indonesia Legal Protection of Indonesian Debtor Customer Personal Data,” Jurnal Hukum, vol. 4, pp. 8–16, 2022, doi: 10.54297/surel.v4i1.43.

B. Naqvi, K. Perova, A. Farooq, I. Makhdoom, S. Oyedeji, and J. Porras, “Mitigation strategies against the phishing attacks: A systematic literature review,” Computers and Security, vol. 132. pp. 1–25, 2023. doi: 10.1016/j.cose.2023.103387.

R. Zieni, L. Massari, and M. C. Calzarossa, “Phishing or Not Phishing? A Survey on the Detection of Phishing Websites,” IEEE Access, vol. 11, pp. 18499–18519, 2023, doi: 10.1109/ACCESS.2023.3247135.

A. Safi and S. Singh, “A systematic literature review on phishing website detection techniques,” Journal of King Saud University - Computer and Information Sciences, vol. 35, no. 2, pp. 590–611, Feb. 2023, doi: 10.1016/j.jksuci.2023.01.004.

A. Ozcan, C. Catal, E. Donmez, and B. Senturk, “A hybrid DNN–LSTM model for detecting phishing URLs,” Neural Computing and Applications, vol. 35, no. 7, pp. 4957–4973, Aug. 2023, doi: 10.1007/s00521-021-06401-z.

P. K. Yeng, M. A. Fauzi, B. Yang, and P. Nimbe, "Investigation into Phishing Risk Behaviour among Healthcare Staff," Information (Switzerland), vol. 13, no. 8, 2022. doi: 10.3390/info13080392.

M. Nadhif Hermanto, “ANALISIS FORENSIC BERBASIS WEB PHISING MENGGUNAKAN METODE NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY,” Cipta Cendikia Kotabumi Jurnal informasi dan Komputer, vol. 11, no. 1, pp. 116–123, 2023, doi: 10.35959/jik.v11i01.311.

A. Al-Subaiey, M. Al-Thani, N. A. Alam, A. Khandakar, S. M. Ashfaq, and U. Zaman, “Novel Interpretable and Robust Web-based AI Platform for Phishing Email Detection,” Cornell University, pp. 1–19, May 2024, doi: 10.48550/arXiv.2405.11619.

N. Muslim, O. Senjaya, F. Hukum, U. Singaperbangsa, and K. Abstrak, “PERTANGGUNGJAWABAN HUKUM PLATFORM MEDIA SOSIAL TERHADAP KORBAN PHISING MELALUI MASS TAGGING PORNOGRAFI,” Jurnal Ilmu Hukum dan Humaniora, vol. 9, no. 2, pp. 955–963, 2022, doi: 10.31604/justitia.v9i2.

A. Basit, M. Zafar, X. Liu, A. R. Javed, Z. Jalil, and K. Kifayat, “A comprehensive survey of AI-enabled phishing attacks detection techniques,” Telecommunication Systems, vol. 76, no. 1. pp. 139–154, 2021. doi: 10.1007/s11235-020-00733-2.

S. H. Abbas, W. A. K. Naser, and A. A. Kadhim, "Subject review: Intrusion Detection System (IDS) and Intrusion Prevention System (IPS)," Global Journal of Engineering and Technology Advances, vol. 14, no. 2, 2023. doi: 10.30574/gjeta.2023.14.2.0031.

R. Alabdan, “Phishing attacks survey: Types, vectors, and technical approaches,” Future Internet, vol. 12, no. 10, pp. 1–39, 2020, doi: 10.3390/fi12100168.

APWG, “Phishing Activity Trends Report_4th Quarter of 2023,” Feb. 2023. [Online]. Available: www.apwg.org.

APWG, “Phishing Activity Trends Report_1st Quarter of 2024,” May 2024. [Online]. Available: http://www.apwg.org.

Published
2024-08-21
How to Cite
[1]
Q. C. Kainde, J. S. Tambanaung, V. T. Inkiriwang, and A. A. P. Mile, “FORENSIC ANALYSIS OF PHISHING ATTACKS: INVESTIGATIVE APPROACH”, J. Tek. Inform. (JUTIF), vol. 5, no. 4, pp. 631-640, Aug. 2024.
Issue
Vol. 5 No. 4 (2024): JUTIF Volume 5, Number 4, August 2024 - SENIKO
Section
Articles

Copyright (c) 2024 Quido Conferti Kainde, Josua Setdefit Tambanaung, Valent Tio Inkiriwang, Alexandra Anrala Putri Mile

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.