Mitigation strategies against the phishing attacks : a systematic literature review

Naqvi, Bilal and Perova, Kseniia and Farooq, Ali and Makhdoom, Imran and Oyedeji, Shola and Porras, Jari (2023) Mitigation strategies against the phishing attacks : a systematic literature review. Computers and Security, 132. 103387. ISSN 0167-4048 (https://doi.org/10.1016/j.cose.2023.103387)

[thumbnail of Naqvi-etal-CS-2023-Mitigation-strategies-against-the-phishing-attacks]
Preview
 Text. Filename: Naqvi-etal-CS-2023-Mitigation-strategies-against-the-phishing-attacks.pdf
Final Published Version
License: Creative Commons Attribution 4.0 logo
Download (2MB)| Preview

Abstract

Phishing attacks are among the most prevalent attack mechanisms employed by attackers. The consequences of successful phishing include (and are not limited to) financial losses, impact on reputation, and identity theft. The paper presents a systematic literature review featuring 248 articles (from the beginning of 2018 until March 2023) across the main digital libraries to identify, (1) the existing mitigation strategies against phishing attacks, and the underlying technologies considered in the development of these strategies; (2) the most considered phishing vectors in the development of the mitigation strategies; (3) anti-phishing guidelines and recommendations for organizations and end-users respectively; and (4) gaps and open issues that exist in the state of the art. The paper advocates for the need to consider the abilities of human users during the design and development of the mitigation strategies as only technology-centric solutions will not suffice to cater to the challenges posed by phishing attacks.

ORCID iDs

Naqvi, Bilal, Perova, Kseniia, Farooq, Ali ORCID logoORCID: https://orcid.org/0000-0003-4864-3155, Makhdoom, Imran, Oyedeji, Shola and Porras, Jari;
CORE (COnnecting REpositories)