Detection of fake domain names in e-mails
Abstract
Phishing is social engineering attack that inflicts damages of several billion dollars each year. Phishing has increased yearly in frequency and in complexity bringing new and more clever schemes for hackers to deceive their victims. This thesis aims to assist and help fight this continuously growing concern. A common way of phishing is to impersonate other people or companies. This can be done by creating fake domain names that look identical but are not the same as a legitimate entity. In response to this a prototype application has been developed to see how effective we can stop these kinds of attacks, and spot fake domains before they can do any harm. This prototype application will compare new domains against previous already ensured domains to see if the new domain is trying to disguise itself as one of these. To test the application DnsTwist has been used to find malicious domain names.