Enhancing online security using selective DOM approach to counter phishing attacks

Today's computer era has paved the way for innovations like self-driving cars, quantum computing, and other ingenious advancements. As technology advances at a rapid pace, some issues yet remain unresolved. One of the issues is phishing, which dates back to the 1980s. Phishing is an art used by cybercriminals from the 1980s until to date targeting online users to harvest financial, confidential, and other sensitive information. The art and the methodologies used by cybercriminals have not evolved much from the AOL (American online) heydays. However, the counter mechanisms to defeat phishing have undergone considerable changes over the past two decades. Although sophisticated antiphishing systems are in place, statistics shows that phishing is a major threat. Our practical research proves that one of the state-of-the-art antiphishing systems can be bypassed using simple techniques. The research further demonstrates why today's antiphishing mechanisms fail and the need for a novel mechanism that will identify the authenticity of the website. In this manuscript, an antiphishing algorithm, PhishSec (PH-Sec), is introduced. PhishSec will not consider the URL of the website as the primary factor to determine the authenticity, rather take a reverse approach where the URL of the website is derived by analyzing the content of the visited website to establish its authenticity. To accomplish this, the HTML DOM (document object model) of a given web page on load is considered. This manuscript quotes the research results of the analysis of a state-of-the-art antiphishing system along with the introduced algorithm to counter-attack phishing. The introduced system detects phishing attacks with 99.21% of accuracy.