Phishing Attacks Survey: Types, Vectors, and Technical Approaches
TLDR
The aims of this paper are to build awareness of phishing techniques, educate individuals about these attacks, and encourage the use ofphishing prevention techniques, in addition to encouraging discourse among the professional community about this topic.Abstract:
Phishing attacks, which have existed for several decades and continue to be a major problem today, constitute a severe threat in the cyber world. Attackers are adopting multiple new and creative methods through which to conduct phishing attacks, which are growing rapidly. Therefore, there is a need to conduct a comprehensive review of past and current phishing approaches. In this paper, a review of the approaches used during phishing attacks is presented. This paper comprises a literature review, followed by a comprehensive examination of the characteristics of the existing classic, modern, and cutting-edge phishing attack techniques. The aims of this paper are to build awareness of phishing techniques, educate individuals about these attacks, and encourage the use of phishing prevention techniques, in addition to encouraging discourse among the professional community about this topic.read more
Citations
More filters
Journal ArticleDOI
Phishing email detection using Natural Language Processing techniques : a literature survey
TL;DR: This study provides an analysis of the numerous state-of-the-art NLP and ML strategies currently in use to identify phishing emails at various stages of the attack, with an emphasis on ML strategies.
Journal ArticleDOI
Robotics cyber security: vulnerabilities, attacks, countermeasures, and recommendations.
TL;DR: In this paper, the main security vulnerabilities, threats, risks, and their impacts, and the main attacks within the robotics domain are reviewed, and different approaches and recommendations are presented in order to enhance and improve the security level of robotic systems.
Journal ArticleDOI
Integrated Industrial Reference Architecture for Smart Healthcare in Internet of Things: A Systematic Investigation
TL;DR: This paper is the first to provide an exhaustive investigation on IoT architectural challenges with a use case in a smart healthcare system and concludes that IWF Architecture is most suitable for the effortless development of IoT applications.
Journal ArticleDOI
How Good Are We at Detecting a Phishing Attack? Investigating the Evolving Phishing Attack Email and Why It Continues to Successfully Deceive Society
TL;DR: In this paper , the authors explored the current phishing attack characteristics especially the growing challenges that have emerged as a result of the COVID-19 pandemic and found that people were not confident, worried and often dissatisfied with the current technologies available to protect them against phishing emails.
Journal ArticleDOI
Evaluation of Contextual and Game-Based Training for Phishing Detection
TL;DR: An evaluation of how two promising methods for ISAT support users in acheiving secure behavior using a simulated experiment with 41 participants shows that both training methods can support users towards secure behavior and that CBMT does so to a higher degree than game-based training.
References
More filters
Book
The Art of Deception: Controlling the Human Element of Security
Kevin Mitnick,William L. Simon +1 more
TL;DR: Kevin Mitnick redeems his former life of crime by providing specific guidelines for developing protocols, training programs, and manuals to ensure that a company's sophisticated technical security investment will not be for naught.
Proceedings ArticleDOI
Detection and analysis of drive-by-download attacks and malicious JavaScript code
TL;DR: A novel approach to the detection and analysis of malicious JavaScript code is presented that uses a number of features and machine-learning techniques to establish the characteristics of normal JavaScript code and is able to identify anomalous JavaScript code by emulating its behavior and comparing it to the established profiles.
Proceedings Article
Cross Site Scripting Prevention with Dynamic Data Tainting and Static Analysis.
TL;DR: The solution presented in this paper stops XSS attacks on the client side by tracking the flow of sensitive information inside the web browser and if sensitive information is about to be transferred to a third party, the user can decide if this should be permitted or not.
Journal ArticleDOI
The state of phishing attacks
TL;DR: Looking past the systems people use, they target the people using the systems.
Proceedings Article
Crying wolf: an empirical study of SSL warning effectiveness
TL;DR: A better approach may be to minimize the use of SSL warnings altogether by blocking users from making unsafe connections and eliminating warnings in benign situations.