Review

. 2021;76(1):139-154.

doi: 10.1007/s11235-020-00733-2. Epub 2020 Oct 23.

A comprehensive survey of AI-enabled phishing attacks detection techniques

Abdul Basit¹, Maham Zafar¹, Xuan Liu², Abdul Rehman Javed³, Zunera Jalil³, Kashif Kifayat³

Affiliations

¹ Department of Computer Science, Air University, E-9, Islamabad, Pakistan.
² School of Information Engineering, Yangzhou University, Yangzhou, China.
³ Department of Cyber Security, Air University, E-9, Islamabad, Pakistan.

PMID: 33110340
PMCID: PMC7581503
DOI: 10.1007/s11235-020-00733-2

Review

A comprehensive survey of AI-enabled phishing attacks detection techniques

Abdul Basit et al. Telecommun Syst. 2021.

. 2021;76(1):139-154.

doi: 10.1007/s11235-020-00733-2. Epub 2020 Oct 23.

Authors

Abdul Basit¹, Maham Zafar¹, Xuan Liu², Abdul Rehman Javed³, Zunera Jalil³, Kashif Kifayat³

Affiliations

¹ Department of Computer Science, Air University, E-9, Islamabad, Pakistan.
² School of Information Engineering, Yangzhou University, Yangzhou, China.
³ Department of Cyber Security, Air University, E-9, Islamabad, Pakistan.

PMID: 33110340
PMCID: PMC7581503
DOI: 10.1007/s11235-020-00733-2

Abstract

In recent times, a phishing attack has become one of the most prominent attacks faced by internet users, governments, and service-providing organizations. In a phishing attack, the attacker(s) collects the client's sensitive data (i.e., user account login details, credit/debit card numbers, etc.) by using spoofed emails or fake websites. Phishing websites are common entry points of online social engineering attacks, including numerous frauds on the websites. In such types of attacks, the attacker(s) create website pages by copying the behavior of legitimate websites and sends URL(s) to the targeted victims through spam messages, texts, or social networking. To provide a thorough understanding of phishing attack(s), this paper provides a literature review of Artificial Intelligence (AI) techniques: Machine Learning, Deep Learning, Hybrid Learning, and Scenario-based techniques for phishing attack detection. This paper also presents the comparison of different studies detecting the phishing attack for each AI technique and examines the qualities and shortcomings of these methodologies. Furthermore, this paper provides a comprehensive set of current challenges of phishing attacks and future research direction in this domain.

Keywords: Advanced phishing techniques; Cyberattack; Deep learning; Hybrid learning; Internet security; Machine learning; Phishing attack; Security threats.

PubMed Disclaimer

Figures

**Fig. 2**
Phishing report for third quarter of the year 2019 [1]

**Fig. 3**
Most targeted industry sectors—3rd quarter 2019 [3]

**Fig. 4**
Taxonomy of this survey focusing on phishing attack detection studies

**Fig. 5**
Deep learning for phishing attack detection

**Fig. 6**
Machine learning for phishing attack detection

See this image and copyright information in PMC

Cited by

ML-Based Detection of DDoS Attacks Using Evolutionary Algorithms Optimization.
Talpur F, Korejo IA, Chandio AA, Ghulam A, Talpur MSH. Talpur F, et al. Sensors (Basel). 2024 Mar 5;24(5):1672. doi: 10.3390/s24051672. Sensors (Basel). 2024. PMID: 38475208 Free PMC article.
The COVID-19 scamdemic: A survey of phishing attacks and their countermeasures during COVID-19.
Al-Qahtani AF, Cresci S. Al-Qahtani AF, et al. IET Inf Secur. 2022 Sep;16(5):324-345. doi: 10.1049/ise2.12073. Epub 2022 Jul 4. IET Inf Secur. 2022. PMID: 35942004 Free PMC article. Review.
How Good Are We at Detecting a Phishing Attack? Investigating the Evolving Phishing Attack Email and Why It Continues to Successfully Deceive Society.
Carroll F, Adejobi JA, Montasari R. Carroll F, et al. SN Comput Sci. 2022;3(2):170. doi: 10.1007/s42979-022-01069-1. Epub 2022 Feb 23. SN Comput Sci. 2022. PMID: 35224514 Free PMC article.
Binary Hunter-Prey Optimization with Machine Learning-Based Cybersecurity Solution on Internet of Things Environment.
Khadidos AO, AlKubaisy ZM, Khadidos AO, Alyoubi KH, Alshareef AM, Ragab M. Khadidos AO, et al. Sensors (Basel). 2023 Aug 16;23(16):7207. doi: 10.3390/s23167207. Sensors (Basel). 2023. PMID: 37631743 Free PMC article.
Identifying and Mitigating Phishing Attack Threats in IoT Use Cases Using a Threat Modelling Approach.
Abbas SG, Vaccari I, Hussain F, Zahid S, Fayyaz UU, Shah GA, Bakhshi T, Cambiaso E. Abbas SG, et al. Sensors (Basel). 2021 Jul 14;21(14):4816. doi: 10.3390/s21144816. Sensors (Basel). 2021. PMID: 34300556 Free PMC article.

See all "Cited by" articles

References

1. (2016). Apwg trend report. http://docs.apwg.org/reports/apwg_trends_report_q4_2016.pdf. Accessed from 20 July 2020
1. (2018) Phishing activity trends report. http://docs.apwg.org/reports/apwg_trends_report_q2_2018.pdf. Accessed from 20 July 2020
1. (2019) Apwg trend report. https://docs.apwg.org/reports/apwg_trends_report_q3_2019.pdf. Accessed from 20 July 2020
1. (2019) Fbi warns of dramatic increase in business e-mail compromise (bec) schemes—fbi. https://www.fbi.gov/contact-us/field-offices/memphis/news/press-releases.... Accessed from 20 July 2020
1. (2019) What is phishing? https://www.phishing.org/what-is-phishing. Accessed from 20 July 2020

Publication types

Actions

LinkOut - more resources

Full Text Sources
- Europe PubMed Central
- PubMed Central

Save citation to file

Email citation

Add to Collections

Add to My Bibliography

Your saved search

Create a file for external citation management software

Your RSS Feed

A comprehensive survey of AI-enabled phishing attacks detection techniques

Affiliations

A comprehensive survey of AI-enabled phishing attacks detection techniques

Authors

Affiliations

Abstract

Figures

Similar articles

Cited by

References

Publication types

LinkOut - more resources

Full Text Sources