Browshing a new way of phishing using a malicious browser extension

Gaurav Varshney; Manoj Misra; Pradeep Atrey

doi:10.1109/IPACT.2017.8245147

Browshing a new way of phishing using a malicious browser extension

Gaurav Varshney
, Manoj Misra
, Pradeep Atrey

Computer Science

University at Albany

Indian Institute of Technology Roorkee

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

9 Scopus citations

Abstract

Phishing is a well-known cybercrime. It is performed using various tricks and techniques including email spoofing, exploiting browser vulnerabilities, web spoofing, DNS poisoning, etc. This paper sheds light on a new technique that can be used by attackers to perform a successful phishing attack through malicious browser extensions. Successful experiments have been performed over the Google Chrome browser and the technique has been validated. This paper will help researchers and browser development companies to understand this specific phishing attack and to focus on research in the area of detection and mitigation of this phishing attack.

Original language	English
Title of host publication	2017 Innovations in Power and Advanced Computing Technologies, i-PACT 2017
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	1-5
Number of pages	5
ISBN (Electronic)	9781509056828
DOIs	https://doi.org/10.1109/IPACT.2017.8245147
State	Published - 2017
Event	2017 Innovations in Power and Advanced Computing Technologies, i-PACT 2017 - Vellore, India Duration: Apr 21 2017 → Apr 22 2017

Publication series

Name	2017 Innovations in Power and Advanced Computing Technologies, i-PACT 2017
Volume	2017-January

Conference

Conference	2017 Innovations in Power and Advanced Computing Technologies, i-PACT 2017
Country/Territory	India
City	Vellore
Period	04/21/17 → 04/22/17

Keywords

Browser
Browshing
Malicious extensions
Phishing

Access to Document

10.1109/IPACT.2017.8245147

Cite this

Varshney, G., Misra, M., & Atrey, P. (2017). Browshing a new way of phishing using a malicious browser extension. In 2017 Innovations in Power and Advanced Computing Technologies, i-PACT 2017 (pp. 1-5). (2017 Innovations in Power and Advanced Computing Technologies, i-PACT 2017; Vol. 2017-January). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/IPACT.2017.8245147

@inproceedings{e49c10dd6d144be7993f7306ad87ec55,

title = "Browshing a new way of phishing using a malicious browser extension",

abstract = "Phishing is a well-known cybercrime. It is performed using various tricks and techniques including email spoofing, exploiting browser vulnerabilities, web spoofing, DNS poisoning, etc. This paper sheds light on a new technique that can be used by attackers to perform a successful phishing attack through malicious browser extensions. Successful experiments have been performed over the Google Chrome browser and the technique has been validated. This paper will help researchers and browser development companies to understand this specific phishing attack and to focus on research in the area of detection and mitigation of this phishing attack.",

keywords = "Browser, Browshing, Malicious extensions, Phishing",

author = "Gaurav Varshney and Manoj Misra and Pradeep Atrey",

note = "Publisher Copyright: {\textcopyright} 2017 IEEE.; 2017 Innovations in Power and Advanced Computing Technologies, i-PACT 2017 ; Conference date: 21-04-2017 Through 22-04-2017",

year = "2017",

doi = "10.1109/IPACT.2017.8245147",

language = "English",

series = "2017 Innovations in Power and Advanced Computing Technologies, i-PACT 2017",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "1--5",

booktitle = "2017 Innovations in Power and Advanced Computing Technologies, i-PACT 2017",

}

Varshney, G, Misra, M & Atrey, P 2017, Browshing a new way of phishing using a malicious browser extension. in 2017 Innovations in Power and Advanced Computing Technologies, i-PACT 2017. 2017 Innovations in Power and Advanced Computing Technologies, i-PACT 2017, vol. 2017-January, Institute of Electrical and Electronics Engineers Inc., pp. 1-5, 2017 Innovations in Power and Advanced Computing Technologies, i-PACT 2017, Vellore, India, 04/21/17. https://doi.org/10.1109/IPACT.2017.8245147

Browshing a new way of phishing using a malicious browser extension. / Varshney, Gaurav; Misra, Manoj; Atrey, Pradeep.
2017 Innovations in Power and Advanced Computing Technologies, i-PACT 2017. Institute of Electrical and Electronics Engineers Inc., 2017. p. 1-5 (2017 Innovations in Power and Advanced Computing Technologies, i-PACT 2017; Vol. 2017-January).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Browshing a new way of phishing using a malicious browser extension

AU - Varshney, Gaurav

AU - Misra, Manoj

AU - Atrey, Pradeep

PY - 2017

Y1 - 2017

N2 - Phishing is a well-known cybercrime. It is performed using various tricks and techniques including email spoofing, exploiting browser vulnerabilities, web spoofing, DNS poisoning, etc. This paper sheds light on a new technique that can be used by attackers to perform a successful phishing attack through malicious browser extensions. Successful experiments have been performed over the Google Chrome browser and the technique has been validated. This paper will help researchers and browser development companies to understand this specific phishing attack and to focus on research in the area of detection and mitigation of this phishing attack.

AB - Phishing is a well-known cybercrime. It is performed using various tricks and techniques including email spoofing, exploiting browser vulnerabilities, web spoofing, DNS poisoning, etc. This paper sheds light on a new technique that can be used by attackers to perform a successful phishing attack through malicious browser extensions. Successful experiments have been performed over the Google Chrome browser and the technique has been validated. This paper will help researchers and browser development companies to understand this specific phishing attack and to focus on research in the area of detection and mitigation of this phishing attack.

KW - Browser

KW - Browshing

KW - Malicious extensions

KW - Phishing

UR - https://www.scopus.com/pages/publications/85043395799

U2 - 10.1109/IPACT.2017.8245147

DO - 10.1109/IPACT.2017.8245147

M3 - Conference contribution

T3 - 2017 Innovations in Power and Advanced Computing Technologies, i-PACT 2017

SP - 1

EP - 5

BT - 2017 Innovations in Power and Advanced Computing Technologies, i-PACT 2017

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 2017 Innovations in Power and Advanced Computing Technologies, i-PACT 2017

Y2 - 21 April 2017 through 22 April 2017

ER -

Browshing a new way of phishing using a malicious browser extension

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this