Abstract
Phishing has become one of the most common activities observed over the Internet quite often. To investigate the methods through which phishing can not only be detected but can also be controlled, a lot of researchers have contributed and have opened gates for the industry. This paper illustrates the types of phishing attacks and ways to optimize the anti-phishing architecture. The highlights of this paper are listing down the ways to detect phishing activities over web services. The analyzed techniques are compared on the basis of suitable comparative parameters listed in reputed articles.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Mohammad, R.M., Thabtah, F., McCluskey, L.: Tutorial and Critical Analysis of Phishing Websites Methods, pp. 1–24. Elsevier (2015)
Waziri Jr., I.: Website forgery: understanding phishing attacks & nontechnical countermeasures. In: IEEE 2nd International Conference on Cyber Security and Cloud Computing, 2015
Khonji, M., Iraqi, Y., Jones, A.: Phishing detection: a literature survey. IEEE Commun. Surv. Tutorials 15(4) (2013)
Shekokar, N.M., Shah, C., Mahajan, M., Rachh, S.: An ideal approach for detection and prevention of phishing attacks. Proc. Comput. Sci. 82–91 (2015) (Elsevier)
Nazreen Banu, M., Munawara Banu, S.: A comprehensive study of phishing attacks. Int. J. Comput. Sci. Inf. Technol. 4(6), 783–786 (2013)
Gupta, S., Singhal, A., Kapoor, A.: A literature survey on social engineering attacks: phishing attack. In: International Conference on Computing, Communication and Automation, 2016
Jain, A.K., Gupta, B.B.: A novel approach to protect against phishing attacks at client side using auto-updated white-list. EURASIP J. Inf. Secur. 1–11 (2016)
Zhang, Y., Hong, J., Cranor, L.: CANTINA: a content-based approach to detecting phishing web sites. In: ACM Proceedings of 16th International Conference on World Wide Web, pp. 639–648, May 2007
Xiang, G., Hong, J., Rose, C.P., Cranor, L.: CANTINA+: a feature-rich machine learning framework for detecting phishing web sites. ACM Trans. Inf. Syst. Secur. (TISSEC) 14(2), 1–32 (2011)
Carolin Jeeva, S., Rajsingh, E.B.: Intelligent phishing url detection using association rule mining. SpringerOpen Hum. Centric Comput. Inf. Sci. 1–19 (2016)
Liu, W., Deng, X., Huang, G., Fu, A.Y.: An antiphishing strategy based on visual similarity assessment. IEEE Comput. Soc. 58–65 (2006)
Chen, K.-T., Huang, C.-R., Chen, C.-S.: Fighting phishing with discriminative keypoint features. IEEE Comput. Soc. 56–63 (2009)
Nirmal, K., Janet, B., Kumar, R.: Phishing—the threat that still exists. In: IEEE International Conference on Computing and Communications Technologies, 2015
Iuga, C., Nurse, J.R.C., Erola, A.: Baiting the hook: factors impacting susceptibility to phishing attacks. Hum. Cent. Comput. Inf. Sci., SpringerOpen (2016)
Choo, K.K.R.: The cyber threat landscape: challenges and future research directions. Comput. Secur. 30, 719–731 (2011) (Elsevier)
Parsons, K., McCormac, A., Pattinson, M., Butavicius, M., Jerram, C.: The design of phishing studies: challenges for researchers. Comput. Secur. 52, 194–206 (2015) (Elsevier)
Montazer, G.A., Yarmohammadi, S.A.: Identifying the critical indicators for phishing detection in iranian e-banking system. In: IEEE 5th Conference on Information and Knowledge Technology, 2013
Chu, W., Zhu, B.B., Xue, F., Guan, X., Cai, Z.: Protect sensitive sites from phishing attacks using features extractable from inaccessible phishing URLs. In: IEEE Communication and Information Systems Security Symposium, 2013
Alhothaily, A., Chunquiang, Hu., Alwaris, A., Song, T., Cheng, X., Chen, D.: A secure and practical authentication scheme using personal devices. IEEE Access 5, 11677–11687 (2017)
Wu, L., Du, X., Wu, J.: Effective defense schemes for phishing attacks on mobile computing platforms. IEEE Trans. Veh. Technol. (2015) (Accepted for publication)
Moghimi, M., Varjan, A.Y.: New rule-based phishing detection method. Expert Syst. Appl. (2016) (Accepted for publication)
Hadi, W., Aburub, F., Alhawari, S.: A new fast associative classification algorithm for detecting phishing websites. Appl. Soft Comput. 48, 729–734 (2016) (Elsevier)
Arachchilage, N.A.G., Love, S., Beznosov, K.: Phishing threat avoidance behaviour: an empirical investigation. Comput. Hum. Behav. 60, 185–197 (2016)
Lin, G., Sun, N., Nepal, S., Zhang, J., Xiang, Y., Hassan, H.: Statistical twitter spam detection demystified: performance, stability and scalability. IEEE Access, Special Section on Big Data Analytics in Internet of Things and Cyber-physical Systems 5, 11142–11154 (2017)
Almomani, A., Gupta, B.B., Atawneh, S., Meulenberg, A., Almomani, E.: A survey of phishing email filtering techniques. IEEE Commun. Surv. Tutorials 15(4) (2013)
Mujtaba, G., Shuib, L., Raj, R.G., Majeed, N., Al-Garadi, M.A.: Email classification research trends: review and open issues. IEEE Access 5, 9044–9064 (2017)
Wang, J., Herath, T., Chen, R., Vishwanath, A., Raghav Rao H.: Phishing susceptibility: an investigation into the processing of a targeted spear phishing email. IEEE Trans. Prof. Commun. 55(4), 345–362 (2012)
Heartfield, R., Loukas, G., Gan, D.: You are probably not the weakest link: towards practical prediction of susceptibility to semantic social engineering attacks. IEEE Access 4, 6910–6928 (2016)
Marchal, S., François, J., State, R., Engel, T.: PhishStorm: detecting phishing with streaming analytics. IEEE Trans. Netw. Serv. Manage. 11(4) (2014)
Vishwanath, A.: Mobile device affordance: explicating how smartphones influence the outcome of phishing attacks. Comput. Hum. Behav. 63, 198–207 (2016)
Sonowal, G., Kuppusamy, K.S.: PhiDMA—a phishing detection model with multi-filter approach. J. King Saud Univ. Comput. Inf. Sci. 1–14 (2017)
Sönmez, Y., Tuncer, T., Gökal, H., Avcr, E.: Phishing web sites features classification based on extreme learning machine. In: 6th International Symposium on Digital Forensic and Security, pp. 1–5, 2018
Oest, A., Safei, Y., Doupé, A., Ahn, G.-J., Wardman, B., Warner, G.: Inside a phisher’s mind: understanding the anti-phishing ecosystem through phishing kit analysis. In: APWG Symposium on Electronic Crime Research, pp. 1–12, 2018
Karabatak, M., Mustafa, T.: Performance comparison of classifiers on reduced phishing website dataset. In: IEEE, pp. 1–5, 2018
Le Page, S., Jourdan, G.-V., Bochmann, G.v., Flood, J., Onut, I.-V.: Using URL shorteners to compare phishing and malware attacks. In: IEEE, pp. 1–13, 2018
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2022 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Sharma, B., Singh, P. (2022). A Review of Anti-phishing Techniques and its Shortcomings. In: Khanna, K., Estrela, V.V., Rodrigues, J.J.P.C. (eds) Cyber Security and Digital Forensics . Lecture Notes on Data Engineering and Communications Technologies, vol 73. Springer, Singapore. https://doi.org/10.1007/978-981-16-3961-6_24
Download citation
DOI: https://doi.org/10.1007/978-981-16-3961-6_24
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-16-3960-9
Online ISBN: 978-981-16-3961-6
eBook Packages: EngineeringEngineering (R0)