The scale of phishing problems has necessitated a response to help protect vulnerable users. As a consequence, anti-phishing and wider identity protection features are a commonplace within both web browsers and Internet security suites. A huge number of phishing defences are available. These solutions range from quick fix changes to more substantial redesigns. With all these counter measures readily available, researchers have found that many users cannot distinguish a legitimate website from a spoofed website; they have also found that browser security indicators are misunderstood or ignored frequently, and many users have never even noticed them. In this study, we propose Virtual Browser Extension (VBEx), a web browser plugin, which works on binary principle of legitimate or phishing and provides a trusted path between browser and the legitimate website. Unlike others, it does not provide any user interface to accept any wrong certificate or allow user to bypass the tool. It allows only a legitimate site to open and prevents all others from loading on the web browser. Our new solution checks for the authoritative name server and verifies the same for a visiting website. It also maintains a white list of websites so that when a user requires to access any of these, the default protocol should always be HTTPS, failing which it will prevent the web browser from loading the requested website. We conducted a series of laboratory tests on the VBEx prototype and found that the VBEx is a promising approach.

The Internet is rapidly transforming the way we communicate, educate, buy and sell goods and services. Life is about a mix of good and evil, so is the Internet or cyberspace. For all the good it does to us, cyberspace has its dark sides too. Unlawful conduct involving the use of the Internet is just as intolerable as any other type of illegal activity. The rapid growth of Internet has shrunk the globe in such a way that cyber crime is now recognized as a major international problem, with increases in the incidents of phishing, hacking, viruses and other forms of abuse being reported in recent years. This paper focuses on phishing, which has become a serious issue for all organizations utilizing online e-commerce tools. Phishing attacks have the potential of inflicting serious financial damages to individual users. Beyond the direct costs of individual phishing attacks, this particular fraud erodes customer confidence in the online operations of business houses targeted by such attacks.

Information Technology Journal, Phishing, Virtual Browser Extension (VBEx), Phishing countermeasures, Security indicators, Phishing toolbars.