Some customers avoid online banking as they perceive it as being too vulnerable to fraud. The security measures employed by most banks are never 100% safe; Credit card fraud, signature forgery and identity theft are far more widespread "offline" crimes than malicious hacking. An increasingly popular criminal practice to gain access to a user's finances is phishing, whereby the user is in some way persuaded to hand over their password(s) to the fraudster. To protect users against phishing, various anti-phishing techniques have been proposed that follows different strategies like client side and server side protection. In general anti-phishing techniques are Content Filtering, Black Listing, Symptom-Based Prevention, Domain binding, Character based Anti-Phishing, Content based Anti-Phishing. But they have got some drawbacks such as; Time Delay, Redundancy, Accuracy, Information Retrieval.The Proposed system will check the user’s existence in the database and provide the set of services with respect to the role of the user. The application is based on three-tier architecture. The cipher key will be used to find the fraud application. This approach is called Anti-Phishing. Anti-Phishing is nothing but “preventing the phishing”. This can be done by creating a cipher key (an encrypted code) in the customer’s username, password or in a/c no., which is not recognized in the hacker’s fake website. The objective of the project is to design and develop secure online Banking Application using Anti-phishing concept.

Anti-Phishing, Trojan, Black List, Proxy, Spyware, Cipher Key, Spoofguard

[1] N. Chou, R. Ledesma, Y. Teraguchi, D. Boneh, and J. C. Mitchell, "Client–side defense against web–based identity theft", In Proceedings of 11th Annual Network and Distributed System Security Symposium, 2004.
[2] Popup Window,
“http://www.w3.org/TR/WAI-WEBCONTENT/”, W3C Recommendation 5-May-1999
[3] Ollman, G. (2004), “The Phishing Guide – Understanding and Preventing Phishing Attacks”, IBM Internet Security Systems.
[4] Atkins, B. and Huang, W. (2013), “A Study of Social Engineering in Online Frauds”, Open Journal of Social Sciences, 1, 23-32. doi: 10.4236/jss.2013.13004.
[5] Trojan horse program,
“http://searchsecurity.techtarget.com/definition/Zeus-
Trojan-Zbot”, 2010
[6] DNS Cache Poisoning,
“http://www.ipa.go.jp/security/english/vuln/200809_DNS_en.html”, Sep 18, 2008
[7] M. Aburrous, M.A. Hossain, F. Thabatah and K. Dahal, "Intelligent phishing website detection system using fuzzy techniques", in 3rd International Conference on Information and Communication Technologies: From Theory to Applications (ICTTA), pp. 1-6, 2008.
[8] Y. Pan and X. Ding, “Anomaly Based Web Phishing Page Detection", Proceedings of the 22nd Annual Computer Security Applications Conference (ACSAC'06), Computer Society, 2006.