PhishinWebView: Analysis of Anti-Phishing Entities in Mobile Apps with WebView Targeted Phishing

Yoonjung Choi, Woonghee Lee, Junbeom Hur

Research output: Chapter in Book/Report/Conference proceedingConference contribution

1 Citation (Scopus)

Abstract

Despite the relentless efforts on developing anti-phishing techniques, phishing attacks continue to proliferate, often incorporating evasion techniques to bypass detection. While recent studies have continuously enhanced our understanding of their evasion techniques in desktop environments, few studies have been conducted to explore how the phishing attack is being handled in mobile environments, specifically WebView. In this study, we systematically evaluate the blocking processes of anti-phishing entities in individual apps in the real world by designing the phishing attack tailored to WebView. Specifically, we select eight well-known apps using WebView, and report 80 typical phishing sites (without evasion techniques) and 130 user-agent-specific phishing sites (accessible exclusively via each app's WebView). For scalable analysis, we develop an autonomous evaluation framework and investigate accessibility of both apps and Safe Browsing entities. As a result, we find that user-agent-specific (UA-specific) phishing sites successfully evade blocking across all of the eight Android apps. We also investigate accessing strategies of anti-phishing crawlers of both the apps and Safe Browsing entities; and find that only two apps' crawlers can access UA-specific phishing sites without any subsequent actions such as blocking the link. Based on our experiment results, we present security recommendations to take proactive phishing cautions using link preview bots. To the best of our knowledge, this is the first study that explores how the WebView environments handle phishing attacks and disclose their limitation in the real world.

Original languageEnglish
Title of host publicationWWW 2024 - Proceedings of the ACM Web Conference
PublisherAssociation for Computing Machinery, Inc
Pages1923-1932
Number of pages10
ISBN (Electronic)9798400701719
DOIs
Publication statusPublished - 2024 May 13
Event33rd ACM Web Conference, WWW 2024 - Singapore, Singapore
Duration: 2024 May 132024 May 17

Publication series

NameWWW 2024 - Proceedings of the ACM Web Conference

Conference

Conference33rd ACM Web Conference, WWW 2024
Country/TerritorySingapore
CitySingapore
Period24/5/1324/5/17

Bibliographical note

Publisher Copyright:
© 2024 Owner/Author.

Keywords

  • evasion technique
  • phishing
  • webview security

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Software

Fingerprint

Dive into the research topics of 'PhishinWebView: Analysis of Anti-Phishing Entities in Mobile Apps with WebView Targeted Phishing'. Together they form a unique fingerprint.

Cite this