Phishdentity: Leverage Website Favicon to Offset Polymorphic Phishing Website

Phishing attacks involve the use of fuzzy techniques to create polymorphic phishing web pages to give the impression of legitimate websites. Many websites are subject to the threat of phishing, including financial, social networks, tourism, e-commerce etc. For example, phishers are particularly fond of travel-related services by imitating as trip consultant, airline reservation, hotel booking etc. However, the targeted legitimate websites still maintain the webpage appearance visually similar to the original. In this paper, we propose an approach which is based on the website favicon to find the identity of a website and use it to evaluate the genuineness of a website. This approach utilizes Google search-by-image API to return the search results pages. Then, we perform latent semantic analysis based on the search results pages. We collected 1,000 webpages to verify the effectiveness of this approach. The results show that our proposed method achieved 97.2% true positive with only 5.4% false positive.