Detection Of Phishing Websites And Secure Transactions

Phishing is an electronic online identity theft in which the attackers use a combination of social engineering and web site spoofing techniques to trick a user into revealing confidential information. It steals the user’s personal identity data and financial credentials. Most of the phishing attacks emerge as spoofed E-Mails appearing as legitimate ones which makes the users to trust and divulge into them by clicking the link provided in the E-Mail. To detect a Phishing website, human experts compare the claimed identity of a website with features in the website. For example, human experts often compare the domain name in the URL against the claimed identity. Most legitimate websites have domain names that match their identities, while Phishing websites usually have less relevance between their domain names and their claimed (fake) identities. In addition to blacklists, white lists, heuristics, and classifications used in the state-of-the-art systems, we propose to consider websites’ identity claims. To enable secure transactions ,Password hashing has been done with MD5 hashing algorithms that strengthens web password authentication. It is also shown that getting original password from hashed form is not an easy task due to addition of salt value. If the user is valid, get a session key via mobile, through which further access can be done