Vol. 19, No. 1, January 31, 2025
10.3837/tiis.2025.01.011,
Download Paper (Free):
Abstract
Anti-phishing blacklists are a critical first line of defense for end-users against phishing attacks, yet they remain vulnerable to sophisticated evasion techniques. Despite the well-documented shortcomings of these systems, limited research has delved into the specific vulnerabilities that allow phishers to bypass detection and persist in their deceptive practices. This study addresses this gap by investigating three novel, human-centric evasion mechanisms employed by phishing websites: Virtual Machine Detection (VMD)-based evasion, Cache-based evasion, and HTTP Client Hints (CHs)-based evasion. These techniques exploit behavioral differences between legitimate users and Anti-Phishing Entities (APEs) to avoid detection. Through real-world experiments using a scalable evaluation system, the effectiveness of these mechanisms was rigorously assessed. Results show that VMD and CHs-based evasion achieved a zero blacklisting rate on tested browsers, while Cache-based evasion reduced detection by 40%. A user study further validated the practical impact of these evasion techniques. Additionally, the proposed evaluation system demonstrated 100% accuracy in identifying blacklisted and non-blacklisted websites, maintaining consistent performance across varying workloads. This research introduces innovative cloaking techniques and a Combined Effectiveness Metric (CEM) to evaluate the resilience of APEs against such sophisticated phishing tactics. The findings contribute significantly to the development of more robust defenses, strengthening the ability of APEs and malicious Uniform Resource Locator (URL) scanners to detect and mitigate emerging phishing threats.
Statistics
Show / Hide Statistics
Statistics (Cumulative Counts from December 1st, 2015)
Multiple requests among the same browser session are counted as one view.
If you mouse over a chart, the values of data points will be shown.
Cite this article
[IEEE Style]
W. LI, S. U. A. LAGHARI, S. MANICKAM, Y. CHONG, "Exploration and Evaluation of Human-centric Cloaking Techniques in Phishing Websites," KSII Transactions on Internet and Information Systems, vol. 19, no. 1, pp. 232-258, 2025. DOI: 10.3837/tiis.2025.01.011.
[ACM Style]
WENHAO LI, SHAMS UL ARFEEN LAGHARI, SELVAKUMAR MANICKAM, and YUNG-WEY CHONG. 2025. Exploration and Evaluation of Human-centric Cloaking Techniques in Phishing Websites. KSII Transactions on Internet and Information Systems, 19, 1, (2025), 232-258. DOI: 10.3837/tiis.2025.01.011.
[BibTeX Style]
@article{tiis:101917, title="Exploration and Evaluation of Human-centric Cloaking Techniques in Phishing Websites", author="WENHAO LI and SHAMS UL ARFEEN LAGHARI and SELVAKUMAR MANICKAM and YUNG-WEY CHONG and ", journal="KSII Transactions on Internet and Information Systems", DOI={10.3837/tiis.2025.01.011}, volume={19}, number={1}, year="2025", month={January}, pages={232-258}}