Mitigation strategies against the phishing attacks: A systematic literature review

被引:22
作者
Naqvi, Bilal [1 ]
Perova, Kseniia [1 ]
Farooq, Ali [2 ,3 ]
Makhdoom, Imran [4 ]
Oyedeji, Shola [1 ]
Porras, Jari [1 ]
机构
[1] LUT Univ, Software Engn, LENS, Lappeenranta, Finland
[2] Hamad Bin Khalifa Univ, Qatar Comp Res Inst, Doha, Qatar
[3] Univ Turku, Dept Comp, Turku, Finland
[4] Natl Univ Sci & Technol, Islamabad, Pakistan
关键词
Guidelines and recommendations; Mitigation strategies; Phishing attacks; Systematic; Literature review; GOOGLE-SCHOLAR; WEB; SCIENCE; SCOPUS;
D O I
10.1016/j.cose.2023.103387
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
Phishing attacks are among the most prevalent attack mechanisms employed by attackers. The conse-quences of successful phishing include (and are not limited to) financial losses, impact on reputation, and identity theft. The paper presents a systematic literature review featuring 248 articles (from the be-ginning of 2018 until March 2023) across the main digital libraries to identify, (1) the existing mitigation strategies against phishing attacks, and the underlying technologies considered in the development of these strategies; (2) the most considered phishing vectors in the development of the mitigation strate-gies; (3) anti-phishing guidelines and recommendations for organizations and end-users respectively; and (4) gaps and open issues that exist in the state of the art. The paper advocates for the need to con-sider the abilities of human users during the design and development of the mitigation strategies as only technology-centric solutions will not suffice to cater to the challenges posed by phishing attacks. & COPY; 2023 The Author(s). Published by Elsevier Ltd. This is an open access article under the CC BY license ( http://creativecommons.org/licenses/by/4.0/ )
引用
收藏
页数:25
相关论文
共 48 条
[1]   Phishing Classification Techniques: A Systematic Literature Review [J].
Abdillah, Rahmad ;
Shukur, Zarina ;
Mohd, Masnizah ;
Murah, Ts Mohd Zamri .
IEEE ACCESS, 2022, 10 :41574-41591
[2]   Web of Science, Scopus and Google Scholar A content comprehensiveness comparison [J].
Adriaanse, Leslie S. ;
Rensleigh, Chris .
ELECTRONIC LIBRARY, 2013, 31 (06) :727-744
[3]  
Alauthman M, 2019, Machine Learning for Computer and Cyber Security, P48, DOI DOI 10.1201/9780429504044-2
[4]   A Case Study of Phishing Incident Response in an Educational Organization [J].
Althobaiti K. ;
Jenkins A.D.G. ;
Vaniea K. .
1600, Association for Computing Machinery (05)
[5]  
Apandi S.H., 2020, IOP C SER MAT SCI EN, V769
[6]   Cybersecurity of Hospitals: discussing the challenges and working towards mitigating the risks [J].
Argaw, Salem T. ;
Troncoso-Pastoriza, Juan R. ;
Lacey, Darren ;
Florin, Marie-Valentine ;
Calcavecchia, Franck ;
Anderson, Denise ;
Burleson, Wayne ;
Vogel, Jan-Michael ;
O'Leary, Chana ;
Eshaya-Chauvin, Bruce ;
Flahault, Antoine .
BMC MEDICAL INFORMATICS AND DECISION MAKING, 2020, 20 (01)
[7]   The state of research on cyberattacks against hospitals and available best practice recommendations: a scoping review [J].
Argaw, Salem T. ;
Bempong, Nefti-Eboni ;
Eshaya-Chauvin, Bruce ;
Flahault, Antoine .
BMC MEDICAL INFORMATICS AND DECISION MAKING, 2019, 19 (1)
[8]  
Arshad A., 2021, PAKISTAN J ENG TECH, V4, P163
[9]  
Babati B., 2020, HUMAN ERROR IMPACTS
[10]   Classification of Phishing Attack Solutions by Employing Deep Learning Techniques: A Systematic Literature Review [J].
Benavides, Eduardo ;
Fuertes, Walter ;
Sanchez, Sandra ;
Sanchez, Manuel .
DEVELOPMENTS AND ADVANCES IN DEFENSE AND SECURITY, 2020, 152 :51-64