Although anti-phishing solutions were highly publicized, phishing has been still an important serious problem. One of the main reasons was that phishers cost little to change their targets by copying and then to modify a legitimate site?s web pages. In this study, a novel active anti-phishing solution based on semi-fragile watermark was proposed to protect online service provider. Firstly, the semi-fragile watermark was consisted of URL, website identity characters and singular heuristics occurred in phishing attack and actively embedded into the webpage tag by the provider. As a suspicious website was met, the inconsistence of the generated semi-fragile watermark and the extracted information indicated the phishing attack. Simulating phishing experiments shown the solution could effectively thwart the phishing attack by downloading the tactic?s webpage and modifying a little to lure the victims.
展开▼