Simulated Phishing Attack and Forensic Analysis Using the D4I Framework: A Case Study on Kredivo

Authors

  • Muhammad Yusuf Halim Universitas Islam Indonesia https://orcid.org/0009-0003-6152-801X
  • Toto Raharjo Universitas Islam Indonesia
  • Rosi Rahmadi Syahputra Universitas Islam Indonesia
  • Erika Ramadhani Universitas Islam Indonesia

DOI:

https://doi.org/10.37802/joti.v7i2.1086

Keywords:

Cybersecurity, Fintech Security, Phishing Attack, D4I Framework, Digital Forensics

Abstract

Phishing is a form of cyberattack where attackers deceive users into revealing sensitive information such as credentials or financial data, often through fake communication channels or websites. This threat is particularly critical in the financial technology (fintech) sector, where services rely heavily on digital transactions and user trust. This study presents a simulated phishing case targeting Kredivo users to evaluate the effectiveness of the Digital Forensics framework for Reviewing and Investigating cyber-attacks (D4I) in digital forensic analysis. The Cyber Kill Chain (CKC) model was employed to trace attacker behavior across seven phases, from weaponization to actions on objectives. Forensic data was acquired using MOBILedit Forensic Express from two smartphones, namely an iPhone 11 (iOS 15.8.1) and a Vivo Y21 (Android 8.1.0), which served as simulated evidence devices. Using the D4I framework, the investigation successfully identified and correlated key digital artifacts such as phishing links, OTP transmissions, and unauthorized access logs. These findings were organized into a visual chain of artifacts to reconstruct the full attack lifecycle. The results demonstrate that the D4I framework is effective in guiding structured forensic investigations and understanding attack patterns, supporting the enhancement of fintech security strategies.

Downloads

Download data is not yet available.

References

M. F. Naseri, Q. A. Frugh, and Q. Shamsi, “Challenge and Opportunity of Mobile Banking in Afghanistan,” Journal of Technology and Informatics (JoTI), vol. 7, no. 1, Art. no. 1, Apr. 2025, doi: 10.37802/joti.v7i1.896.

I. A. G. Y. S. Putri, N. M. Estiyanti, and L. Yupita, “Analysis of Factors Affecting Borrowes’ Interest in Using Kredivo Fintech Peer-to-peer Lending Services During the COVID-19 Pandemic in Denpasar City,” JurnalTAM, vol. 14, no. 1, p. 120, Jul. 2023, doi: 10.56327/jurnaltam.v14i1.1398.

Z. K. Sangha and H. Sulistiani, “Risk Analysis of Computer Network Security Focusing on Phishing Attacks in Fintech Platform,” in The 5th International Conference on Information Technology and Security, IC-ITECHS, Dec. 2024, pp. 1028–1034. doi: 10.32664/ic-itechs.v5i1.1687.

R. Lohiya and A. Thakkar, “A Compendium on Risk Assessment of Phishing Attack Using Attack Modeling Techniques,” Procedia Computer Science, vol. 235, pp. 1105–1114, 2024, doi: 10.1016/j.procs.2024.04.105.

M. K. Mehmood, H. Arshad, M. Alawida, and A. Mehmood, “Enhancing Smishing Detection: A Deep Learning Approach for Improved Accuracy and Reduced False Positives,” IEEE Access, vol. 12, pp. 137176–137193, 2024, doi: 10.1109/ACCESS.2024.3463871.

A. C. Banjarnahor and P. Priyana, “Analisis Yuridis Cybercrime Terhadap Penanganan Kasus Phising Kredivo,” HERMENEUTIKA: Jurnal Ilmu Hukum, vol. 6, no. 1, pp. 32–36, Feb. 2022, doi: 10.33603/hermeneutika.v6i1.6754.

N. Ilany-Tzur and L. Fink, “Device and risk-avoidance behavior in the context of cybersecurity phishing attacks,” International Journal of Information Management, vol. 84, p. 102919, Oct. 2025, doi: 10.1016/j.ijinfomgt.2025.102919.

S. K. Birthriya, P. Ahlawat, and A. K. Jain, “A Comprehensive Survey of Social Engineering Attacks: Taxonomy of Attacks, Prevention, and Mitigation Strategies,” Journal of Applied Security Research, vol. 20, no. 2, pp. 244–292, Apr. 2025, doi: 10.1080/19361610.2024.2372986.

Z. Alkhalil, C. Hewage, L. Nawaf, and I. Khan, “Phishing Attacks: A Recent Comprehensive Study and a New Anatomy,” Front. Comput. Sci., vol. 3, p. 563060, Mar. 2021, doi: 10.3389/fcomp.2021.563060.

A. A. A. and P. K., “Towards the Detection of Phishing Attacks: A Survey, Taxonomy, and Open Research Challenges,” in 2020 4th International Conference on Trends in Electronics and Informatics (ICOEI), Tirunelveli, India: IEEE, 2020, pp. 337–343. doi: 10.1109/ICOEI48184.2020.9142967.

F. Carroll, J. A. Adejobi, and R. Montasari, “How Good Are We at Detecting a Phishing Attack? Investigating the Evolving Phishing Attack Email and Why It Continues to Successfully Deceive Society,” SN Computer Science, vol. 3, no. 2, p. 170, Mar. 2022, doi: 10.1007/s42979-022-01069-1.

A. Dimitriadis, N. Ivezic, B. Kulvatunyou, and I. Mavridis, “D4I - Digital forensics framework for reviewing and investigating cyber attacks,” Array, vol. 5, p. 100015, 2020, doi: 10.1016/j.array.2019.100015.

M. M. Mirza, A. Ozer, and U. Karabiyik, “Mobile Cyber Forensic Investigations of Web3 Wallets on Android and iOS,” Applied Sciences, vol. 12, no. 21, p. 11180, Nov. 2022, doi: 10.3390/app122111180.

S. Mehrban et al., “Towards Secure FinTech: A Survey, Taxonomy, and Open Research Challenges,” IEEE Access, vol. 8, pp. 23391–23406, 2020, doi: 10.1109/ACCESS.2020.2970430.

J. A. Jafri, S. I. M. Amin, A. Abdul Rahman, and S. M. Nor, “A systematic literature review of the role of trust and security on Fintech adoption in banking,” Heliyon, vol. 10, no. 1, p. e22980, Jan. 2024, doi: 10.1016/j.heliyon.2023.e22980.

N. Sirenko, I. Atamanyuk, Y. Volosyuk, A. Poltorak, O. Melnyk, and P. Fenenko, “Paradigm Changes that Strengthen the Financial Security of the State through FINTECH Development,” in 2020 IEEE 11th International Conference on Dependable Systems, Services and Technologies (DESSERT), Kyiv, Ukraine: IEEE, May 2020, pp. 110–116. doi: 10.1109/DESSERT50317.2020.9125026.

Y. Ahmed, A. T. Asyhari, and M. A. Rahman, “A Cyber Kill Chain Approach for Detecting Advanced Persistent Threats,” Comput. Mater. Contin., vol. 67, no. 2, pp. 2497–2513, 2021, doi: 10.32604/cmc.2021.014223.

K. Haga, P. H. Meland, and G. Sindre, “Breaking the Cyber Kill Chain by Modelling Resource Costs,” in Graphical Models for Security, H. Eades III and O. Gadyatskaya, Eds., Cham: Springer International Publishing, 2020, pp. 111–126. doi: 10.1007/978-3-030-62230-5_6.

M. Kazimierczak, N. Habib, J. H. Chan, and T. Thanapattheerakul, “Impact of AI on the Cyber Kill Chain: A Systematic Review,” Heliyon, vol. 10, no. 24, p. e40699, Dec. 2024, doi: 10.1016/j.heliyon.2024.e40699.

M. M. Yamin, M. Ullah, H. Ullah, B. Katt, M. Hijji, and K. Muhammad, “Mapping Tools for Open Source Intelligence with Cyber Kill Chain for Adversarial Aware Security,” Mathematics, vol. 10, no. 12, p. 2054, Jun. 2022, doi: 10.3390/math10122054.

I. Stylianou, P. Bountakas, A. Zarras, and C. Xenakis, “Suspicious minds: Psychological techniques correlated with online phishing attacks,” Computers in Human Behavior Reports, vol. 19, p. 100694, Aug. 2025, doi: 10.1016/j.chbr.2025.100694.

Downloads