Abstract

Email is a channel of communication which is considered to be a confidential medium for the exchange of information among individuals and organisations. This assumption of confidentiality no longer holds, as attackers send malicious emails to users to deceive them into disclosing private personal information such as usernames, passwords, and bank card details. In search of a solution to combat phishing attacks, different approaches have been developed. However, the traditional existing solutions have been limited in assisting email users to distinguish phishing emails from legitimate ones. This paper reviews the different email and website phishing solutions used in phishing attack detection. It first provides a literature analysis of different existing phishing mitigation approaches. It then provides a discussion of the limitations of the techniques, before concluding with an exploration into how phishing detection can be improved.

Highlights

  • Phishing is one of the specific types of social engineering attacks that are well known globally for bypassing deployed technical defenses by manipulating object characteristics such as system applications or platforms to deceive, rather than directly attack, the targeted user (Ryan & George, 2015).

  • Phishers deceive people and obtain secret information [1], such as usernames, passwords, credit card numbers, and IDs from a victim [36]. Phishing targets the human element of cyber-security, which [37] accounts for 95% of cyber incidents, and is used in the initial stages of cyber-security breaches [38], [21], [39]. According to the UK Cyber-security and Strategy 2016-2021 and world statistics, almost all successful cyber-attacks have a contributing human influence [40], which is to say that cyber-security is not just about the technology, as human knowledge of security is required for cyber-security stability.

  • The existing phishing mitigation techniques are reviewed in this paper. Based on the literature reviewed, it is evident that the existing solutions have not achieved the expected decrease in phishing attacks, because the human security factors that phishers exploit often have not received an easy to use and identify phishing email


Summary

INTRODUCTION

Phishing is one of the specific types of social engineering attacks that are well known globally for bypassing deployed technical defenses by manipulating object characteristics such as system applications or platforms to deceive, rather than directly attack, the targeted user (Ryan & George, 2015). It is common among other security threats and is used as the initial step to gain access to an electronic device for further exploitation without the user's awareness.

STATE OF THE ART
Stylometric Analysis
Rule-Based Approaches
Classification-Based Approaches
User Education
CRITICAL EVALUATION
Findings
CONCLUSION