Cardiff Metropolitan University
Browse

Phishing Attacks: A Recent Comprehensive Study and a New Anatomy

Download (2.95 MB)
journal contribution
posted on 2021-11-11, 11:44 authored by Zainab Alkhalil, Chaminda Hewage, Liqaa NawafLiqaa Nawaf, Imtiaz KhanImtiaz Khan
With the significant growth of internet usage, people increasingly share their personal information online. As a result, an enormous amount of personal information and financial transactions become vulnerable to cybercriminals. Phishing is an example of a highly effective form of cybercrime that enables criminals to deceive users and steal important data. Since the first reported phishing attack in 1990, it has been evolved into a more sophisticated attack vector. At present, phishing is considered one of the most frequent examples of fraud activity on the Internet. Phishing attacks can lead to severe losses for their victims including sensitive information, identity theft, companies, and government secrets. This article aims to evaluate these attacks by identifying the current state of phishing and reviewing existing phishing techniques. Studies have classified phishing attacks according to fundamental phishing mechanisms and countermeasures discarding the importance of the end-to-end lifecycle of phishing. This article proposes a new detailed anatomy of phishing which involves attack phases, attacker’s types, vulnerabilities, threats, targets, attack mediums, and attacking techniques. Moreover, the proposed anatomy will help readers understand the process lifecycle of a phishing attack which in turn will increase the awareness of these phishing attacks and the techniques being used; also, it helps in developing a holistic anti-phishing system. Furthermore, some precautionary countermeasures are investigated, and new strategies are suggested.

History

Published in

Frontiers in Computer Science

Publisher

Frontiers Media

Acceptance Date

2021-01-18

Publication Date

2021-03-19

Version

  • VoR (Version of Record)

Citation

Alkhalil, Z., Hewage, C., Nawaf, L. and Khan, I. (2021) Phishing Attacks: Recent Comprehensive Study and a New Anatomy. Frontiers in Computer Science, 3, p.6.

Electronic ISSN

2624-9898

Cardiff Met Affiliation

  • Cardiff School of Technologies

Cardiff Met Authors

Zainab Alkhalil Chaminda Hewage Liqaa Nawaf Imtiaz Khan

Copyright Holder

  • © The Authors

Language

  • en

Usage metrics

    School of Technologies Research - Journal Articles

    Licence

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC