ABSTRACT

Phishing is a "con trick" by which consumers are sent email purporting to originate from legitimate services like banks or other financial institutions. Phishing can be thought of as the marriage of social engineering and technology. The goal of a phisher is typically to learn information that allows him to access resources belonging to his victims. The most common type of phishing attack aims to obtain account numbers and passwords used for online banking, in order to either steal money from these accounts or use them as “stepping stones” in money laundry schemes. In the latter type of situation, the phisher, who may belong to a criminal organization or a terrorist organization, will transfer money between accounts that he controls (without stealing money from either of them) in order to obscure the actual flow of funds from some payer to some payee. Phishing is therefore not only of concern for potential victims and their financial institutions, but also to society at large[1].
In hacker's worlds, there is something called 'Key Logger'. The purpose of key logger is to log every key that you type in your keyboard, this includes every single personal information that you have typed in your keyboard while you surf the Net such as log in into your online banking. Once your password has been logged, the hacker can use your information to their benefit[2]. Using Virtual Keyboard which contains randomly generated keys adds another security layer to authenticate yourself to their system. Virtual Keyboard works just like regular keyboard, one thing is you don't type it in your keyboard. Rather, you will be using your mouse to type the password by using virtual keyboard[3].