Internet phishing hook, line and hopefully not sunk.
This study is based on the subject of internet phishing, and the primary goal was to ascertain the level of awareness thereof that exists amongst online users in the Durban area, and to determine if users were able to identify the common characteristics of a phishing attack. Associated research objectives were also to establish whether users were au fait with the concept of internet security, and how the correct implementation of this line of defence can prevent possible further or future attacks. Based on the findings of this research, it is further envisaged that a platform be provided to launch a robust awareness programme to attack the insidious invader, thus avoiding and preventing any intentional havoc from being successfully perpetrated. An online questionnaire, being quantitative in nature and comprising 19 questions, was administered to 500 participants. A two-month data collection period was allotted. The questionnaire was completed by 228 respondents, and one of the prerequisites was that they be located in Durban. The data collected was analysed using the Statistical Package for the Social Sciences (SPSS) software. Although the analysis revealed that the level of awareness on the subject matter is average, the incidents of phishing attacks are clearly increasing. The deduction made is that the methods currently deployed to create awareness are obviously not having the desired effect, proving that this strategy has to be revisited urgently. The findings also demonstrate that internet phishing is everyone‟s responsibility and it is considered prudent for all internet users to make a concerted effort to learn more about the subject. The results concluded that a direct relationship existed between users‟ level of awareness and the efficacy of internet security installed on a computer. Users who were knowledgeable about the subject, and had installed Internet security software, generally did not experience malicious attacks and were less likely to be targeted. The overall findings presented in this study provide the aforementioned platform upon which an awareness campaign can be formulated to reduce the success rate, and the number, of highly probable future phishing attacks on a previously unsuspecting public.