This is an outdated version published on 2024-06-24. Read the most recent version.

Phishing process and guidelines for identifying fake websites

Authors

Abstract

Phishing is a form of cyber attack that is based on social engineering that remains a latent threat in the digital world. In this article, we explore a phishing process in a local environment, focusing on creating a fake website and highlighting the importance of training in mitigating this risk.

Phishing involves phishing and tricking victims into revealing sensitive information, such as passwords or financial data, to combat this threat, it is essential that people be critical and cautious when interacting online, especially when faced with suspicious websites and emails. In this sense, we offer fundamental guidelines to identify fake websites, which include verifying the source of the communication, avoiding clicking on suspicious links and using two-factor authentication.

This article exposes the relevance and importance of constant training and education on phishing and its techniques to detect it, in a constantly changing digital world, training and awareness are the key tools in protecting sensitive information and mitigating phishing.

Downloads

Author Biographies

Cristian Camilo Barrantes Bernal, Universidad de Cundinamarca. Cundinamarca, Colombia.

Estudiante de la Facultad de Ingeniería del Programa de Ingeniería de Sistemas y Computación.

Snattan Andrey Espitia Velásquez, Universidad de Cundinamarca. Cundinamarca, Colombia.

Estudiante de la Facultad de Ingeniería del Programa de Ingeniería de Sistemas y Computación.

References

Baca Urbina, G. (2016). Introducción a la seguridad informática. Grupo Editorial Patria. https://books.google.com.ec/books?id=IhUhDgAAQBAJ&printsec=copyright#v=onepage&q&f=false

Belisario Méndez, A. N. (2014). Análisis de Métodos de Ataques de Phishing. [Trabajo final de Carrera, Universidad de Buenos Aires]. http://bibliotecadigital.econ.uba.ar/download/tpos/1502-0840_BelisarioMendezAN.pdf

Hernández Dominguez, A. y Baluja García, W. (2021). Principales mecanismos para el enfrentamiento al phishing en las redes de datos. Revista Cubana de Ciencias Informáticas, 15(1), 413-441. http://scielo.sld.cu/pdf/rcci/v15n4s1/2227-1899-rcci-15-04-s1-413.pdf

Internet Crime Report 2021_IC3Report.pdf. (2021). Federal bureau of investigation. https://www.ic3.gov/Media/PDF/AnnualReport/2021_IC3Report.pdf

Ley 1273 de 2009. Normatividad sobre delitos informáticos. https://www.policia.gov.co/denuncia-virtual/normatividad-delitos-informaticos

Martínez Pérez, F. J. (2022). Análisis de los ciberataques. El ataque Man-in-the-middle y el SSLSTRIP [Tesis final de grado, Universidad Politécnica de Madrid]. https://oa.upm.es/76147/1/TFG_FRANCISCO_JAVIER_MARTINEZ_PEREZ.pdf

Pastor Iglesias, R. (2022). Análisis actual de los Ataques Man-In-The-Middle por DNS Spoofing [Trabajo final de grado, Universidad Politécnica de Madrid]. https://oa.upm.es/71578/1/TFG_RAUL_PASTOR_IGLESIAS.pdf

How to Cite

Barrantes Bernal, C. C., & Espitia Velásquez, S. A. (2024). Phishing process and guidelines for identifying fake websites. Pedagogía Y Sociedad, 27(69), 47–67. Retrieved from https://revistas.uniss.edu.cu/index.php/pedagogia-y-sociedad/article/view/1745 (Original work published February 1, 2024)