FORENSIC ANALYSIS OF WEB PHISHING AND SOCIAL ENGINEERING USING THE NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY METHOD CASE STUDY OF FACEBOOK ACCOUNT DATA THEFT

Rahmat Hidayat; Nuril Anwar

doi:10.29121/digisecforensics.v1.i1.2024.14

Authors

Rahmat Hidayat Informatics Study Program, Universitas Ahmad Dahlan, Bantul Regency, Special Region of Yogyakarta 55191, Indonesia
Nuril Anwar

DOI:

https://doi.org/10.29121/digisecforensics.v1.i1.2024.14

Keywords:

Digital Forensics, NIST, Social Engineering, Web Phishing

Abstract

Modern society heavily relies on digital technology and the internet, particularly on social media platforms like Facebook, which, despite their benefits, also pose security risks. In Q4 2023, a total of 8,161 phishing URLs were detected across 53 different domains, including id, my.id, biz.id, ac.id, and web.id. Criminals employ phishing techniques and social engineering to steal personal information by creating fake websites that resemble Facebook. This research adopts the National Institute of Standards and Technology (NIST) methodology involving the stages of collection, examination, analysis, and reporting to uncover Facebook account data theft. Using Wireshark, the study successfully captured the activities of both phishing perpetrators and victims, revealing evidence such as email messages containing social engineering tactics, victim account data, and information stored in the phishing perpetrators' databases. These findings underscore the importance of public education and awareness enhancement to mitigate increasingly sophisticated phishing attacks.

References

Alkhalil, Z., Hewage, C., Nawaf, L., & Khan, I. (2021). Phishing Attacks: A Recent Comprehensive Study and a New Anatomy. Frontiers in Computer Science, 1–23. https://doi.org/10.3389/fcomp.2021.563060 DOI: https://doi.org/10.3389/fcomp.2021.563060

Dwijayanti, A., Komalasari, R., Harto, B., Pramesti, P., & Alfaridzi, M. W. (2022). Efektivitas Penggunaan Media Sosial Sebagai Sarana Promosi dan Pemasaran pada UMKM Sablon Anggi Screen di Era Digital. Ikra-Ith Abdimas, 6(2), 68–75. https://doi.org/10.37817/ikra-ithabdimas.v6i2.2408 DOI: https://doi.org/10.37817/ikra-ithabdimas.v6i2.2408

Hermanto, M. N., Martanto, & Iin. (2023). Analisis Forensic Berbasis Web Phising Menggunakan Metode National Institute of Standards and Technology, Jurnal Informasi dan Komputer, 11(1), 116–123. https://doi.org/10.35959/jik.v11i01.311

Hidayah, I. R. (2020). Representasi Social Engineering Dalam Tindak Kejahatan Dunia Maya (Analisis Semiotika Pada Film Firewall). Tibanndaru: Jurnal Ilmu Perpustakaan Dan Informasi, 4(1), 30. https://doi.org/10.30742/tb.v4i1.905 DOI: https://doi.org/10.30742/tb.v4i1.905

Indonesia Anti-Phishing Data Exchange. (2024). Phishing Activity Report - 4th Quarter 2023.

Muria, R. M., Muntasa, A., Yusuf, M., & Hamzah, A. (2022). Studi Litelatur: Peningkatan Kinerja Digital Forensik Dan Pencegahan Cyber Crime. Jurnal Aplikasi Teknologi Informasi Dan Manajemen (JATIM), 3(1), 12–20. https://doi.org/10.31102/jatim.v3i1.1422 DOI: https://doi.org/10.31102/jatim.v3i1.1422

Nofiyan, A., & Mushlihudin, M. (2020). Analisis Forensik pada Web Phishing Menggunakan Metode National Institute of Standards And Technology (NIST). JSTIE (Jurnal Sarjana Teknik Informatika) (E-Journal), 8(2), 53. https://doi.org/10.12928/jstie.v8i2.16697 DOI: https://doi.org/10.12928/jstie.v8i2.16697

Ryansyah, E., Maulana, R., Rozikin, C., Informatika, P. S., & Karawang, U. S. (2023). Survei Tingkat Pemahaman Mahasiswa Mengenai Ancaman Keamanan Sistem Pada Facebook, 7(3). http://dx.doi.org/10.30998/string.v7i3.15090 DOI: https://doi.org/10.30998/string.v7i3.15090

Tyas Darmaningrat, E. W., Noor Ali, A. H., Herdiyanti, A., Subriadi, A. P., Muqtadiroh, F. A., Astuti, H. M., & Susanto, T. D. (2022). Sosialisasi Bahaya dan Upaya Pencegahan Social Engineering untuk Meningkatkan Kesadaran Masyarakat tentang Keamanan Informasi. Sewagati, 6(2). https://doi.org/10.12962/j26139960.v6i2.92 DOI: https://doi.org/10.12962/j26139960.v6i2.92

Yanti, L.P.F., Suandi, I.N., & Sudiana, I.N. (2021). Analisis Kesantunan Berbahasa Warganet Pada Kolom Komentar Berita Di Media Sosial Facebook. Jurnal Pendidikan Dan Pembelajaran Bahasa Indonesia, 10(1), 139–150. https://doi.org/10.23887/jurnal_bahasa.v10i1.405 DOI: https://doi.org/10.23887/jurnal_bahasa.v10i1.405