International Journal of Science, Engineering and TechnologyAuthors: Arpan Garg, Nishchal KC, Pramish Bhandari, Mr. Nikhil Ranjan
Abstract: The increasing reliance on browser-based internet banking has amplified the threat of phishing attacks, which exploit human and system vulnerabilities to gain unauthorized access to sensitive financial information. This review exam- ines various phishing attack techniques targeting browser-based banking systems, categorizing them by their operational mech- anisms and identifying their strengths, weaknesses, and limi- tations. Existing approaches include deceptive website cloning, cross-site scripting, DNS hijacking, man-in-the-middle attacks, and malicious browser exten- sions. While some methods rely on social engineering and exploit user trust, others leverage technical flaws in browser or network infrastructure. Strengths of these at- tacks often lie in their low cost, scalability, and ability to bypass traditional security measures, while their weaknesses include dependence on user interaction, detectable behavioral patterns, and increasing resistance through multi-factor authentication and improved browser security. The analysis reveals persistent chal- lenges: phish- ing techniques continuously evolve, and defensive mechanisms often lag behind, requiring constant adaptation. This review synthesizes findings from peer-reviewed sources, including Applied Sciences (MDPI), Journal of Information Security and Applications (Elsevier), Computers Security (Elsevier), and International Journal of Network Security Applications (IJNSA), highlighting the need for integrated, proactive defense strategies combining technical safeguards, user awareness, and regulatory measures to effectively mitigate the evolving phishing threat landscape in online banking environments.
DOI: http://doi.org/10.5281/zenodo.17263409
