{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,24]],"date-time":"2026-03-24T15:56:32Z","timestamp":1774367792188,"version":"3.50.1"},"reference-count":88,"publisher":"Springer Science and Business Media LLC","issue":"3-4","license":[{"start":{"date-parts":[[2024,3,19]],"date-time":"2024-03-19T00:00:00Z","timestamp":1710806400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2024,3,19]],"date-time":"2024-03-19T00:00:00Z","timestamp":1710806400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"funder":[{"DOI":"10.13039\/100009043","name":"University of Patras","doi-asserted-by":"crossref","id":[{"id":"10.13039\/100009043","id-type":"DOI","asserted-by":"crossref"}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Pers Ubiquit Comput"],"published-print":{"date-parts":[[2024,8]]},"abstract":"<jats:title>Abstract<\/jats:title><jats:p>Phishing is one of the most important security threats in modern information systems causing different levels of damages to end-users and service providers such as financial and reputational losses. State-of-the-art anti-phishing research is highly fragmented and monolithic and does not address the problem from a pervasive computing perspective. In this survey, we aim to contribute to the existing literature by providing a systematic review of existing experimental phishing research that employs EEG and eye-tracking methods within multi-modal and multi-sensory interaction environments. The main research objective of this review is to examine articles that contain results of at least one EEG-based and\/or eye-tracking-based experimental setup within a phishing context. The database search with specific search criteria yielded 651 articles from which, after the identification and the screening process, 42 articles were examined as per the execution of experiments using EEG or eye-tracking technologies in the context of phishing, resulting to a total of 18 distinct papers that were included in the analysis. This survey is approaching the subject across the following pillars: a) the experimental design practices with an emphasis on the applied EEG and eye-tracking acquisition protocols, b) the artificial intelligence and signal preprocessing techniques that were applied in those experiments, and finally, c) the phishing attack types examined. We also provide a roadmap for future research in the field by suggesting ideas on how to combine state-of-the-art gaze-based mechanisms with EEG technologies for advancing phishing research. This leads to a discussion on the best practices for designing EEG and gaze-based frameworks.<\/jats:p>","DOI":"10.1007\/s00779-024-01794-9","type":"journal-article","created":{"date-parts":[[2024,3,19]],"date-time":"2024-03-19T06:51:21Z","timestamp":1710831081000},"page":"449-470","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":12,"title":["A systematic review and research challenges on phishing cyberattacks from an electroencephalography and gaze-based perspective"],"prefix":"10.1007","volume":"28","author":[{"given":"George A.","family":"Thomopoulos","sequence":"first","affiliation":[]},{"given":"Dimitrios P.","family":"Lyras","sequence":"additional","affiliation":[]},{"given":"Christos A.","family":"Fidas","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2024,3,19]]},"reference":[{"issue":"1","key":"1794_CR1","doi-asserted-by":"publisher","first-page":"139","DOI":"10.1007\/s11235-020-00733-2","volume":"76","author":"A Basit","year":"2021","unstructured":"Basit A, Zafar M, Liu X, Javed AR, Jalil Z, Kifayat K (2021) A comprehensive survey of AI-enabled phishing attacks detection techniques. Telecommun Syst 76(1):139\u2013154. https:\/\/doi.org\/10.1007\/s11235-020-00733-2","journal-title":"Telecommun Syst"},{"issue":"1","key":"1794_CR2","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3372823","volume":"53","author":"N Kaloudi","year":"2021","unstructured":"Kaloudi N, Li J (2021) The AI-based cyber threat landscape: a survey. ACM Comput Surv 53(1):1\u201334. https:\/\/doi.org\/10.1145\/3372823","journal-title":"ACM Comput Surv"},{"key":"1794_CR3","doi-asserted-by":"publisher","first-page":"1755","DOI":"10.3389\/fpsyg.2020.01755","volume":"11","author":"R Monta\u00f1ez","year":"2020","unstructured":"Monta\u00f1ez R, Golob E, Xu S (2020) Human cognition through the lens of social engineering cyberattacks. Front Psychol 11:1755. https:\/\/doi.org\/10.3389\/fpsyg.2020.01755","journal-title":"Front Psychol"},{"issue":"3","key":"1794_CR4","doi-asserted-by":"publisher","first-page":"1342","DOI":"10.3758\/s13428-020-01495-0","volume":"53","author":"ZM Hakim","year":"2021","unstructured":"Hakim ZM et al (2021) The phishing email suspicion test (PEST) a lab-based task for evaluating the cognitive mechanisms of phishing detection. Behav Res 53(3):1342\u20131352. https:\/\/doi.org\/10.3758\/s13428-020-01495-0","journal-title":"Behav Res"},{"key":"1794_CR5","unstructured":"Anti Phishing Working Group (APWG) (2022) Phishing activity trends report, 1st Quarter,\u00a0https:\/\/www.docs.apwg.org\/. Accessed 17 Jan 2023"},{"key":"1794_CR6","doi-asserted-by":"publisher","unstructured":"Jari M (2022) An overview of phishing victimization: Human factors, training and the role of emotions. In: Computer science and information technology. 12th International Conference on Computer Science and Information Technology (CCSIT 2022). Academy and Industry Research Collaboration Center (AIRCC).\u00a0https:\/\/doi.org\/10.5121\/csit.2022.121319","DOI":"10.5121\/csit.2022.121319"},{"key":"1794_CR7","doi-asserted-by":"publisher","unstructured":"Almoqbil A, O\u2019Connor B, Anderson R, Shittu J, McLeod P (2021) Modeling deception: A case study of email phishing. In: Proceedings from the Document Academy (Vol. 8, Issue 2). Document Academy. https:\/\/doi.org\/10.35492\/docam\/8\/2\/8","DOI":"10.35492\/docam\/8\/2\/8"},{"key":"1794_CR8","doi-asserted-by":"publisher","unstructured":"Chan-Tin E, Stalans L, Johnston S, Reyes D,\u00a0 Kennison S (2022) Predicting phishing victimization. In: Fifth international workshop on systems and network telemetry and analytics. HPDC \u201922: The 31st International Symposium on High-Performance Parallel and Distributed Computing. ACM.\u00a0https:\/\/doi.org\/10.1145\/3526064.3534107","DOI":"10.1145\/3526064.3534107"},{"key":"1794_CR9","doi-asserted-by":"publisher","first-page":"103526","DOI":"10.1016\/j.apergo.2021.103526","volume":"97","author":"Y Ge","year":"2021","unstructured":"Ge Y, Lu L, Cui X, Chen Z, Qu W (2021) How personal characteristics impact phishing susceptibility: the mediating role of mail processing. Appl Ergon 97:103526. https:\/\/doi.org\/10.1016\/j.apergo.2021.103526","journal-title":"Appl Ergon"},{"issue":"3","key":"1794_CR10","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3442181","volume":"54","author":"B Sabir","year":"2022","unstructured":"Sabir B, Ullah F, Babar MA, Gaire R (2022) Machine learning for detecting data exfiltration: a review. ACM Comput Surv 54(3):1\u201347. https:\/\/doi.org\/10.1145\/3442181","journal-title":"ACM Comput Surv"},{"key":"1794_CR11","doi-asserted-by":"publisher","unstructured":"Tomaselli J, Willoughby A, Amezcua JV, Delehanty E, Floyd K, Wright D, Lammers M,\u00a0 Vetter R (2021) Verifying phishmon. In: Proceedings of the 2021 ACM Southeast Conference. ACM SE \u201921: 2021 ACM Southeast Conference. ACM. https:\/\/doi.org\/10.1145\/3409334.3452082","DOI":"10.1145\/3409334.3452082"},{"key":"1794_CR12","doi-asserted-by":"publisher","unstructured":"Peng T, Harris I, Sawa Y (2018) Detecting phishing attacks using natural language processing and machine learning. In: 2018 IEEE 12th International Conference on Semantic Computing (ICSC).\u00a0IEEE.\u00a0https:\/\/doi.org\/10.1109\/icsc.2018.00056","DOI":"10.1109\/icsc.2018.00056"},{"key":"1794_CR13","doi-asserted-by":"publisher","unstructured":"Jain AK, Gupta BB (2018) PHISH-SAFE: URL Features-based phishing detection system using machine learning. In: Advances in Intelligent Systems and Computing. Springer Singapore. pp 467\u2013474.\u00a0https:\/\/doi.org\/10.1007\/978-981-10-8536-9_44","DOI":"10.1007\/978-981-10-8536-9_44"},{"issue":"5","key":"1794_CR14","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3336141","volume":"26","author":"T Lin","year":"2019","unstructured":"Lin T et al (2019) Susceptibility to spear-phishing emails: effects of internet user demographics and email content. ACM Trans Comput-Hum Interact 26(5):1\u201328. https:\/\/doi.org\/10.1145\/3336141","journal-title":"ACM Trans Comput-Hum Interact"},{"key":"1794_CR15","doi-asserted-by":"publisher","unstructured":"Fasllija E, Eni\u015fer HF, Pr\u00fcnster B (2019) Phish-Hook: Detecting phishing certificates using certificate transparency logs. In: Lecture notes of the institute for computer sciences, social informatics and telecommunications engineering. Springer International Publishing. pp 320\u2013334. https:\/\/doi.org\/10.1007\/978-3-030-37231-6_18","DOI":"10.1007\/978-3-030-37231-6_18"},{"key":"1794_CR16","doi-asserted-by":"publisher","unstructured":"Althobaiti K, Meng N, Vaniea K (2021) I don\u2019t need an expert! making url phishing features human comprehensible. In: Proceedings of the 2021 CHI Conference on Human Factors in Computing Systems. CHI \u201921: CHI Conference on Human Factors in Computing Systems. ACM.\u00a0https:\/\/doi.org\/10.1145\/3411764.3445574","DOI":"10.1145\/3411764.3445574"},{"key":"1794_CR17","doi-asserted-by":"publisher","unstructured":"Yang J, Yang P, Jin X, Ma Q (2017) Multi-classification for malicious url based on improved semi-supervised algorithm. In: 2017 IEEE International Conference on Computational Science and Engineering (CSE) and IEEE International Conference on Embedded and Ubiquitous Computing (EUC). https:\/\/doi.org\/10.1109\/cse-euc.2017.34","DOI":"10.1109\/cse-euc.2017.34"},{"key":"1794_CR18","unstructured":"Althobaiti K, Vaniea K, Zheng S (2018) Faheem: Explaining URLs to people using a Slack bot. In: Symposium on Digital Behaviour Intervention for Cyber Security. pp 1\u20138 http:\/\/aisb2018.csc.liv.ac.uk\/PROCEEDINGS%20AISB2018\/Digital%20Behaviour%20Interventions%20for%20CyberSecurity%20-%20AISB2018.pdf#page=8"},{"key":"1794_CR19","doi-asserted-by":"publisher","first-page":"100","DOI":"10.1016\/j.cose.2017.02.004","volume":"71","author":"M Volkamer","year":"2017","unstructured":"Volkamer M, Renaud K, Reinheimer B, Kunz A (2017) User experiences of TORPEDO: TOoltip-poweRed Phishing Email DetectiOn. Comput Secur 71:100\u2013113. https:\/\/doi.org\/10.1016\/j.cose.2017.02.004","journal-title":"Comput Secur"},{"issue":"9","key":"1794_CR20","doi-asserted-by":"publisher","first-page":"1970","DOI":"10.1109\/TIFS.2016.2566265","volume":"11","author":"A Neupane","year":"2016","unstructured":"Neupane A, Saxena N, Maximo JO, Kana R (2016) Neural markers of cybersecurity: an fMRI study of phishing and malware warnings. IEEE Trans Inform Forensic Secur 11(9):1970\u20131983. https:\/\/doi.org\/10.1109\/TIFS.2016.2566265","journal-title":"IEEE Trans Inform Forensic Secur"},{"key":"1794_CR21","doi-asserted-by":"publisher","DOI":"10.2139\/ssrn.2544742","author":"T Halevi","year":"2015","unstructured":"Halevi T, Memon N, Nov O (2015) Spear-phishing in the wild: a real-world study of personality, phishing self-efficacy and vulnerability to spear-phishing attacks. SSRN J. https:\/\/doi.org\/10.2139\/ssrn.2544742","journal-title":"SSRN J"},{"key":"1794_CR22","doi-asserted-by":"publisher","unstructured":"Iuga C, Nurse JRC, Erola A (2016) Baiting the hook: factors impacting susceptibility to phishing attacks. In: Human-centric Computing and Information Sciences (Vol. 6, Issue 1). Springer Science and Business Media LLC. https:\/\/doi.org\/10.1186\/s13673-016-0065-2","DOI":"10.1186\/s13673-016-0065-2"},{"issue":"10","key":"1794_CR23","doi-asserted-by":"publisher","first-page":"94","DOI":"10.1145\/1290958.1290968","volume":"50","author":"TN Jagatic","year":"2007","unstructured":"Jagatic TN, Johnson NA, Jakobsson M, Menczer F (2007) Social phishing. Commun ACM 50(10):94\u2013100. https:\/\/doi.org\/10.1145\/1290958.1290968","journal-title":"Commun ACM"},{"key":"1794_CR24","doi-asserted-by":"publisher","unstructured":"Sheng S, Holbrook M, Kumaraguru P, Cranor LF, Downs J (2010) Who falls for phish? In: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems. CHI \u201910: CHI Conference on Human Factors in Computing Systems. ACM. https:\/\/doi.org\/10.1145\/1753326.1753383","DOI":"10.1145\/1753326.1753383"},{"key":"1794_CR25","doi-asserted-by":"publisher","unstructured":"Robinson L, Schulz J, Blank G, Ragnedda M, Ono H, Hogan B, Mesch GS, Cotten SR, Kretchmer SB, Hale TM, Drabowicz T, Yan P, Wellman B, Harper M-G, Quan-Haase A, Dunn HS, Casilli AA, Tubaro P, Carvath R, Khilnani A (2020) Digital inequalities 2.0: Legacy inequalities in the information age. In: First Monday. University of Illinois Libraries. https:\/\/doi.org\/10.5210\/fm.v25i7.10842","DOI":"10.5210\/fm.v25i7.10842"},{"key":"1794_CR26","unstructured":"Paper, Research & Liu, Zhihui & Zhou, Lina & Zhang, Dongsong. (2021). Effects of Demographic Factors on Phishing Victimization in the Workplace"},{"key":"1794_CR27","doi-asserted-by":"publisher","first-page":"249","DOI":"10.1016\/j.chb.2016.02.004","volume":"59","author":"JC-Y Sun","year":"2016","unstructured":"Sun JC-Y, Yu S-J, Lin SSJ, Tseng S-S (2016) The mediating effect of anti-phishing self-efficacy between college students\u2019 internet self-efficacy and anti-phishing behavior and gender difference. Comput Hum Behav 59:249\u2013257. https:\/\/doi.org\/10.1016\/j.chb.2016.02.004","journal-title":"Comput Hum Behav"},{"key":"1794_CR28","unstructured":"Butavicius, M.A., Parsons, K., Pattinson, M.R., McCormac, A., Calic, D., & Lillie, M. (2017). Understanding susceptibility to phishing emails: Assessing the impact of individual differences and culture. International Symposium on Human Aspects of Information Security and Assurance"},{"issue":"4","key":"1794_CR29","doi-asserted-by":"publisher","first-page":"393","DOI":"10.1108\/IMCS-11-2013-0083","volume":"22","author":"W Rocha Flores","year":"2014","unstructured":"Rocha Flores W, Holm H, Svensson G, Ericsson G (2014) Using phishing experiments and scenario-based surveys to understand security behaviours in practice. Inf Manag Comput Secur 22(4):393\u2013406. https:\/\/doi.org\/10.1108\/IMCS-11-2013-0083","journal-title":"Inf Manag Comput Secur"},{"key":"1794_CR30","doi-asserted-by":"publisher","unstructured":"Mohebzada JG, Zarka AE, Bhojani AH, Darwish A (2012) Phishing in a university community: Two large scale phishing experiments. In: 2012 International Conference on Innovations in Information Technology (IIT). https:\/\/doi.org\/10.1109\/innovations.2012.6207742","DOI":"10.1109\/innovations.2012.6207742"},{"key":"1794_CR31","doi-asserted-by":"publisher","unstructured":"Oliveira D, Rocha H, Yang H, Ellis D, Dommaraju S, Muradoglu M, Weir D, Soliman A, Lin T, Ebner N (2017) Dissecting Spear Phishing Emails for Older vs Young Adults. In Proceedings of the 2017 CHI Conference on Human Factors in Computing Systems. CHI \u201917: CHI Conference on Human Factors in Computing Systems. ACM. https:\/\/doi.org\/10.1145\/3025453.3025831","DOI":"10.1145\/3025453.3025831"},{"issue":"1","key":"1794_CR32","doi-asserted-by":"publisher","first-page":"53","DOI":"10.1080\/01611194.2019.162334","volume":"44","author":"A Diaz","year":"2020","unstructured":"Diaz A, Sherman AT, Joshi A (2020) Phishing in an academic community: a study of user susceptibility and behavior. Cryptologia 44(1):53\u201367. https:\/\/doi.org\/10.1080\/01611194.2019.162334","journal-title":"Cryptologia"},{"issue":"CSCW2","key":"1794_CR33","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3415231","volume":"4","author":"R Wash","year":"2020","unstructured":"Wash R (2020) How experts detect phishing scam emails. Proc ACM Hum -Comput Interact 4(CSCW2):1\u201328. https:\/\/doi.org\/10.1145\/3415231","journal-title":"Proc ACM Hum -Comput Interact"},{"issue":"1","key":"1794_CR34","doi-asserted-by":"publisher","first-page":"e0209684","DOI":"10.1371\/journal.pone.0209684","volume":"14","author":"HS Jones","year":"2019","unstructured":"Jones HS, Towse JN, Race N, Harrison T (2019) Email fraud: the search for psychological predictors of susceptibility. PLoS ONE 14(1):e0209684. https:\/\/doi.org\/10.1371\/journal.pone.0209684","journal-title":"PLoS ONE"},{"key":"1794_CR35","doi-asserted-by":"publisher","unstructured":"Neupane A, Satvat K, Saxena N, Stavrinos D, Bishop, HJ (2018) Do social disorders facilitate social engineering? In: Proceedings of the 34th Annual Computer Security Applications Conference. ACSAC \u201918: 2018 Annual Computer Security Applications Conference. ACM. https:\/\/doi.org\/10.1145\/3274694.3274730","DOI":"10.1145\/3274694.3274730"},{"key":"1794_CR36","doi-asserted-by":"publisher","unstructured":"Blythe M, Petrie H, Clark JA (2011) F for fake. In: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems. CHI \u201911: CHI Conference on Human Factors in Computing Systems. ACM. https:\/\/doi.org\/10.1145\/1978942.1979459","DOI":"10.1145\/1978942.1979459"},{"key":"1794_CR37","doi-asserted-by":"publisher","unstructured":"Canova G, Volkamer M, Bergmann C, Reinheimer B (2015) NoPhish App Evaluation: Lab and Retention Study. In: Proceedings 2015 Workshop on Usable Security. Workshop on Usable Security. Internet Society. https:\/\/doi.org\/10.14722\/usec.2015.23009","DOI":"10.14722\/usec.2015.23009"},{"key":"1794_CR38","unstructured":"Siadati H, Palka, S, Siegel A, McCoy, D (2017) Measuring the effectiveness of embedded phishing exercises"},{"issue":"1","key":"1794_CR39","doi-asserted-by":"publisher","first-page":"28","DOI":"10.1109\/MSP.2013.106","volume":"12","author":"DD Caputo","year":"2014","unstructured":"Caputo DD, Pfleeger SL, Freeman JD, Johnson ME (2014) Going spear phishing: exploring embedded training and awareness. IEEE Secur Privacy 12(1):28\u201338. https:\/\/doi.org\/10.1109\/MSP.2013.106","journal-title":"IEEE Secur Privacy"},{"key":"1794_CR40","doi-asserted-by":"publisher","unstructured":"Higashino M (2019) A design of an anti-phishing training system collaborated with multiple organizations. In: Proceedings of the 21st International Conference on Information Integration and Web-based Applications & Services. iiWAS2019: The 21st International Conference on Information Integration and Web-based Applications & Services. ACM. https:\/\/doi.org\/10.1145\/3366030.3366086","DOI":"10.1145\/3366030.3366086"},{"key":"1794_CR41","doi-asserted-by":"publisher","first-page":"101788","DOI":"10.1016\/j.cose.2020.101788","volume":"93","author":"A JalalyBidgoly","year":"2020","unstructured":"JalalyBidgoly A, JalalyBidgoly H, Arezoumand Z (2020) A survey on methods and challenges in EEG based authentication. Computers Sec 93:101788. https:\/\/doi.org\/10.1016\/j.cose.2020.101788","journal-title":"Computers Sec"},{"key":"1794_CR42","doi-asserted-by":"publisher","unstructured":"Katsini C, Abdrabou Y, Raptis GE, Khamis M, Alt F (2020) The role of eye gaze in security and privacy applications: Survey and future HCI Research Directions. In: Proceedings of the 2020 CHI Conference on Human Factors in Computing Systems. https:\/\/doi.org\/10.1145\/3313831.3376840","DOI":"10.1145\/3313831.3376840"},{"key":"1794_CR43","unstructured":"Hari Singh, Dr. Jaswinder Singh (2012) Human eye tracking and related issues: a review. Int J Scientific Res Pub 2(9)"},{"issue":"4","key":"1794_CR44","doi-asserted-by":"publisher","first-page":"2091","DOI":"10.1109\/SURV.2013.032213.00009","volume":"15","author":"M Khonji","year":"2013","unstructured":"Khonji M, Iraqi Y, Jones A (2013) Phishing detection: a literature survey. IEEE Commun Surv Tutorials 15(4):2091\u20132121. https:\/\/doi.org\/10.1109\/SURV.2013.032213.00009","journal-title":"IEEE Commun Surv Tutorials"},{"key":"1794_CR45","doi-asserted-by":"publisher","first-page":"41574","DOI":"10.1109\/ACCESS.2022.3166474","volume":"10","author":"R Abdillah","year":"2022","unstructured":"Abdillah R, Shukur Z, Mohd M, Ts M, Murah Z (2022) Phishing classification techniques: a systematic literature review. IEEE Access 10:41574\u201341591. https:\/\/doi.org\/10.1109\/ACCESS.2022.3166474","journal-title":"IEEE Access"},{"issue":"10","key":"1794_CR46","doi-asserted-by":"publisher","first-page":"168","DOI":"10.3390\/fi12100168","volume":"12","author":"R Alabdan","year":"2020","unstructured":"Alabdan R (2020) Phishing attacks survey: types, vectors, and technical approaches. Future Internet 12(10):168. https:\/\/doi.org\/10.3390\/fi12100168","journal-title":"Future Internet"},{"key":"1794_CR47","doi-asserted-by":"publisher","first-page":"160","DOI":"10.1016\/j.cose.2017.04.006","volume":"68","author":"A Aleroud","year":"2017","unstructured":"Aleroud A, Zhou L (2017) Phishing environments, techniques, and countermeasures: a survey. Comput Secur 68:160\u2013196. https:\/\/doi.org\/10.1016\/j.cose.2017.04.006","journal-title":"Comput Secur"},{"key":"1794_CR48","doi-asserted-by":"publisher","unstructured":"Stavroulakis P, Stamp M, Eds. (2010) Handbook of information and communication security. Berlin, Heidelberg: Springer Berlin Heidelberg. https:\/\/doi.org\/10.1007\/978-3-642-04117-4","DOI":"10.1007\/978-3-642-04117-4"},{"issue":"1","key":"1794_CR49","doi-asserted-by":"publisher","first-page":"671","DOI":"10.1109\/COMST.2019.2957750","volume":"22","author":"A Das","year":"2020","unstructured":"Das A, Baki S, El Aassal A, Verma R, Dunbar A (2020) SoK: a comprehensive reexamination of phishing research from the security perspective. IEEE Commun Surv Tutorials 22(1):671\u2013708. https:\/\/doi.org\/10.1109\/COMST.2019.2957750","journal-title":"IEEE Commun Surv Tutorials"},{"key":"1794_CR50","doi-asserted-by":"publisher","unstructured":"Rader MA, M. Rahman S. (Shawon) (2013) Phishing Techniques and Mitigating the Associated Security Risks. In International Journal of Network Security & Its Applications. Academy and Industry Research Collaboration Center (AIRCC). 5(4):23\u201341. https:\/\/doi.org\/10.5121\/ijnsa.2013.5402","DOI":"10.5121\/ijnsa.2013.5402"},{"key":"1794_CR51","unstructured":"Phishing.org. Phishing Organization, https:\/\/www.phishing.org\/history-of-phishing, Accessed 17 Jan 2023"},{"key":"1794_CR52","doi-asserted-by":"crossref","unstructured":"Verizon Com. Data Breach Investigation Report (2022)\u00a0https:\/\/www.verizon.com\/business\/resources\/Td4c\/reports\/dbir\/2022-data-breach-investigations-report-dbir.pdf","DOI":"10.12968\/S1361-3723(22)70578-7"},{"key":"1794_CR53","unstructured":"Anti Phishing Working Group (APWG) Phishing activity trends report, 3rd quarter 2022, https:\/\/docs.apwg.org\/, Accessed 17 Jan 2023"},{"key":"1794_CR54","doi-asserted-by":"crossref","unstructured":"UK Government, https:\/\/www.gov.uk\/government\/statistics\/cyber-security-breaches-survey-2022\/cyber-security-breaches-survey-2022, Accessed 25 Jan 2023","DOI":"10.12968\/S1361-3723(22)70568-4"},{"key":"1794_CR55","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1016\/j.eswa.2018.03.050","volume":"106","author":"KL Chiew","year":"2018","unstructured":"Chiew KL, Yong KSC, Tan CL (2018) A survey of phishing attacks: their types, vectors and technical approaches. Expert Syst Appl 106:1\u201320. https:\/\/doi.org\/10.1016\/j.eswa.2018.03.050","journal-title":"Expert Syst Appl"},{"issue":"9","key":"1794_CR56","doi-asserted-by":"publisher","first-page":"2723","DOI":"10.1007\/s00381-020-04564-z","volume":"37","author":"R \u0130nce","year":"2021","unstructured":"\u0130nce R, Adan\u0131r SS, Sevmez F (2021) The inventor of electroencephalography (EEG): Hans Berger (1873\u20131941). Childs Nerv Syst 37(9):2723\u20132724. https:\/\/doi.org\/10.1007\/s00381-020-04564-z","journal-title":"Childs Nerv Syst"},{"issue":"5","key":"1794_CR57","doi-asserted-by":"publisher","first-page":"560","DOI":"10.3390\/electronics10050560","volume":"10","author":"A Bonci","year":"2021","unstructured":"Bonci A, Fiori S, Higashi H, Tanaka T, Verdini F (2021) An introductory tutorial on brain\u2013computer interfaces and their applications. Electronics 10(5):560. https:\/\/doi.org\/10.3390\/electronics10050560","journal-title":"Electronics"},{"issue":"6","key":"1794_CR58","doi-asserted-by":"publisher","first-page":"1365","DOI":"10.3390\/s19061365","volume":"19","author":"G Di Flumeri","year":"2019","unstructured":"Di Flumeri G, Aric\u00f2 P, Borghini G, Sciaraffa N, Di Florio A, Babiloni F (2019) The dry revolution: evaluation of three different EEG dry electrode types in terms of signal spectral features, mental states classification and usability. Sensors 19(6):1365. https:\/\/doi.org\/10.3390\/s19061365","journal-title":"Sensors"},{"key":"1794_CR59","doi-asserted-by":"publisher","unstructured":"Mecarelli O (2019) Electrode placement systems and montages. In: Clinical Electroencephalography. Springer International Publishing. pp 35\u201352.\u00a0https:\/\/doi.org\/10.1007\/978-3-030-04573-9_4","DOI":"10.1007\/978-3-030-04573-9_4"},{"issue":"4","key":"1794_CR60","doi-asserted-by":"publisher","first-page":"713","DOI":"10.1016\/S1388-2457(00)00527-7","volume":"112","author":"R Oostenveld","year":"2001","unstructured":"Oostenveld R, Praamstra P (2001) The five percent electrode system for high-resolution EEG and ERP measurements. Clin Neurophysiol 112(4):713\u2013719. https:\/\/doi.org\/10.1016\/S1388-2457(00)00527-7","journal-title":"Clin Neurophysiol"},{"issue":"3","key":"1794_CR61","doi-asserted-by":"publisher","first-page":"159","DOI":"10.26599\/BSA.2020.9050027","volume":"6","author":"L Hu","year":"2020","unstructured":"Hu L, Zhang Z (2020) Evolving EEG signal processing techniques in the age of artificial intelligence. Brain Science Adv 6(3):159\u2013161. https:\/\/doi.org\/10.26599\/BSA.2020.9050027","journal-title":"Brain Science Adv"},{"key":"1794_CR62","doi-asserted-by":"publisher","first-page":"36380","DOI":"10.1109\/ACCESS.2019.2903235","volume":"7","author":"X Wan","year":"2019","unstructured":"Wan X et al (2019) A review on electroencephalogram based brain computer interface for elderly disabled. IEEE Access 7:36380\u201336387. https:\/\/doi.org\/10.1109\/ACCESS.2019.2903235","journal-title":"IEEE Access"},{"key":"1794_CR63","doi-asserted-by":"publisher","first-page":"114037","DOI":"10.1016\/j.eswa.2020.114037","volume":"166","author":"AF Klaib","year":"2021","unstructured":"Klaib AF, Alsrehin NO, Melhem WY, Bashtawi HO, Magableh AA (2021) Eye tracking algorithms, techniques, tools, and applications with an emphasis on machine learning and Internet of Things technologies. Expert Syst Appl 166:114037. https:\/\/doi.org\/10.1016\/j.eswa.2020.114037","journal-title":"Expert Syst Appl"},{"key":"1794_CR64","doi-asserted-by":"publisher","first-page":"49","DOI":"10.1016\/j.ijpsycho.2020.05.010","volume":"155","author":"BT Carter","year":"2020","unstructured":"Carter BT, Luke SG (2020) Best practices in eye tracking research. Int J Psychophysiol 155:49\u201362. https:\/\/doi.org\/10.1016\/j.ijpsycho.2020.05.010","journal-title":"Int J Psychophysiol"},{"key":"1794_CR65","doi-asserted-by":"publisher","unstructured":"Punde PA, Jadhav ME, Manza RR (2017) A study of eye tracking technology and its applications. In: 2017 1st International Conference on Intelligent Systems and Information Management (ICISIM).\u00a0IEEE.\u00a0https:\/\/doi.org\/10.1109\/icisim.2017.8122153","DOI":"10.1109\/icisim.2017.8122153"},{"issue":"4","key":"1794_CR66","first-page":"182","volume":"17","author":"A Sarkar","year":"2017","unstructured":"Sarkar A, Sanyal G, Majumder S (2017) Performance evaluation of an eye tracking system under varying conditions. IJCSNS 17(4):182\u2013191","journal-title":"IJCSNS"},{"key":"1794_CR67","doi-asserted-by":"publisher","unstructured":"Joseph AW, Murugesh R (2020) Potential Eye Tracking Metrics and Indicators to Measure Cognitive Load in Human-Computer Interaction Research. In Journal of scientific research. Banaras Hindu University. 64(1):168\u2013175. https:\/\/doi.org\/10.37398\/jsr.2020.640137","DOI":"10.37398\/jsr.2020.640137"},{"issue":"5","key":"1794_CR68","doi-asserted-by":"publisher","first-page":"336","DOI":"10.1016\/j.ijsu.2010.02.007","volume":"8","author":"D Moher","year":"2010","unstructured":"Moher D, Liberati A, Tetzlaff J, Altman DG (2010) Preferred reporting items for systematic reviews and meta-analyses: the PRISMA statement. Int J Surg 8(5):336\u2013341. https:\/\/doi.org\/10.1016\/j.ijsu.2010.02.007","journal-title":"Int J Surg"},{"key":"1794_CR69","doi-asserted-by":"publisher","unstructured":"Neupane A, Rahman Md. L, Saxena N, Hirshfield L (2015) A Multi-Modal Neuro-Physiological Study of Phishing Detection and Malware Warnings. In: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security. CCS\u201915: The 22nd ACM Conference on Computer and Communications Security. ACM.\u00a0https:\/\/doi.org\/10.1145\/2810103.2813660","DOI":"10.1145\/2810103.2813660"},{"key":"1794_CR70","doi-asserted-by":"publisher","unstructured":"Rahman Md. L, Bardhan S, Neupane A, Papalexakis E, Song C (2019) Learning tensor-based representations from brain-computer interface data for cybersecurity. In: Machine learning and knowledge discovery in databases. Springer International Publishing. pp 389\u2013404.\u00a0https:\/\/doi.org\/10.1007\/978-3-030-10997-4_24","DOI":"10.1007\/978-3-030-10997-4_24"},{"key":"1794_CR71","doi-asserted-by":"publisher","unstructured":"Valecha R, Gonzalez A, Mock J, Golob EJ, Raghav Rao H (2019) Investigating Phishing Susceptibility\u2014An Analysis of Neural Measures. In: Information Systems and Neuroscience. Springer International Publishing. pp 111\u2013119. https:\/\/doi.org\/10.1007\/978-3-030-28144-1_12","DOI":"10.1007\/978-3-030-28144-1_12"},{"key":"1794_CR72","doi-asserted-by":"publisher","first-page":"73","DOI":"10.1016\/j.compedu.2016.12.003","volume":"106","author":"JC-Y Sun","year":"2017","unstructured":"Sun JC-Y, Yeh KP-C (2017) The effects of attention monitoring with EEG biofeedback on university students\u2019 attention and self-efficacy: the case of anti-phishing instructional materials. Comput Educ 106:73\u201382. https:\/\/doi.org\/10.1016\/j.compedu.2016.12.003","journal-title":"Comput Educ"},{"key":"1794_CR73","doi-asserted-by":"publisher","unstructured":"Hashem Y, Takabi H, Dantu R, Nielsen R (2017) A Multi-Modal Neuro-Physiological Study of Malicious Insider Threats. In: Proceedings of the 2017 International Workshop on Managing Insider Security Threats. CCS \u201917: 2017 ACM SIGSAC Conference on Computer and Communications Security. ACM.\u00a0https:\/\/doi.org\/10.1145\/3139923.3139930","DOI":"10.1145\/3139923.3139930"},{"key":"1794_CR74","doi-asserted-by":"publisher","unstructured":"Ramkumar N, Kothari V, Mills C, Koppel R, Blythe J, Smith S, Kun AL (2020) Eyes on URLs: Relating Visual Behavior to Safety Decisions. In: ACM Symposium on Eye Tracking Research and Applications. ETRA \u201920: 2020 Symposium on Eye Tracking Research and Applications. ACM. https:\/\/doi.org\/10.1145\/3379155.3391328","DOI":"10.1145\/3379155.3391328"},{"key":"1794_CR75","doi-asserted-by":"publisher","first-page":"69","DOI":"10.1016\/j.ijhcs.2015.05.005","volume":"82","author":"M Alsharnouby","year":"2015","unstructured":"Alsharnouby M, Alaca F, Chiasson S (2015) Why phishing still works: user strategies for combating phishing attacks. Int J Hum Comput Stud 82:69\u201382. https:\/\/doi.org\/10.1016\/j.ijhcs.2015.05.005","journal-title":"Int J Hum Comput Stud"},{"key":"1794_CR76","doi-asserted-by":"crossref","unstructured":"Miyamoto D, Blanc G, Kadobayashi Y (2015) Eye Can Tell: On the correlation between eye movement and phishing identification. International Conference on Neural Information Processing","DOI":"10.1007\/978-3-319-26555-1_26"},{"key":"1794_CR77","doi-asserted-by":"publisher","unstructured":"Darwish A, Bataineh E (2012) Eye tracking analysis of browser security indicators. In: 2012 International Conference on Computer Systems and Industrial Informatics. 2012 International Conference on Computer Systems and Industrial Informatics (ICCSII). IEEE.\u00a0https:\/\/doi.org\/10.1109\/iccsii.2012.6454330","DOI":"10.1109\/iccsii.2012.6454330"},{"key":"1794_CR78","doi-asserted-by":"publisher","unstructured":"Pfeffel K, Ulsamer P, M\u00fcller NH (2019) Where the user does look when reading phishing mails \u2013 An Eye-Tracking Study. In: Learning and collaboration technologies. Designing learning experiences. Springer International Publishing. pp 277\u2013287. https:\/\/doi.org\/10.1007\/978-3-030-21814-0_21","DOI":"10.1007\/978-3-030-21814-0_21"},{"key":"1794_CR79","doi-asserted-by":"publisher","unstructured":"Miyamoto D, Iimura T, Blanc G, Tazaki H, Kadobayashi Y (2014) EyeBit: Eye-tracking approach for enforcing phishing prevention habits. In: 2014 third international workshop on building analysis datasets and gathering experience returns for security (BADGERS). https:\/\/doi.org\/10.1109\/badgers.2014.14","DOI":"10.1109\/badgers.2014.14"},{"key":"1794_CR80","doi-asserted-by":"publisher","first-page":"1756","DOI":"10.3389\/fpsyg.2020.01756","volume":"11","author":"J McAlaney","year":"2020","unstructured":"McAlaney J, Hills PJ (2020) Understanding phishing email processing and perceived trustworthiness through eye tracking. Front Psychol 11:1756. https:\/\/doi.org\/10.3389\/fpsyg.2020.01756","journal-title":"Front Psychol"},{"key":"1794_CR81","doi-asserted-by":"publisher","first-page":"2585","DOI":"10.1109\/TIFS.2022.3189530","volume":"17","author":"L Huang","year":"2022","unstructured":"Huang L, Jia S, Balcetis E, Zhu Q (2022) ADVERT: an adaptive and data-driven attention enhancement mechanism for phishing prevention. IEEE Trans Inform Forensic Secur 17:2585\u20132597. https:\/\/doi.org\/10.1109\/TIFS.2022.3189530","journal-title":"IEEE Trans Inform Forensic Secur"},{"key":"1794_CR82","unstructured":"Anderson B, Vance A, Eargle D (2013) Is your susceptibility to phishing dependent on your memory?. WISP 2012 Proceedings. p 40.  https:\/\/aisel.aisnet.org\/wisp2012\/40"},{"issue":"4","key":"1794_CR83","doi-asserted-by":"publisher","first-page":"640","DOI":"10.1177\/0018720816684064","volume":"59","author":"A Xiong","year":"2017","unstructured":"Xiong A, Proctor RW, Yang W, Li N (2017) Is domain highlighting actually helpful in identifying phishing web pages? Hum Factors 59(4):640\u2013660. https:\/\/doi.org\/10.1177\/0018720816684064","journal-title":"Hum Factors"},{"issue":"5","key":"1794_CR84","doi-asserted-by":"publisher","first-page":"499","DOI":"10.1016\/S0013-4694(97)00066-7","volume":"103","author":"PL Nunez","year":"1997","unstructured":"Nunez PL et al (1997) EEG coherency. Electroencephalogr Clin Neurophysiol 103(5):499\u2013515. https:\/\/doi.org\/10.1016\/S0013-4694(97)00066-7","journal-title":"Electroencephalogr Clin Neurophysiol"},{"key":"1794_CR85","doi-asserted-by":"publisher","first-page":"29","DOI":"10.1016\/j.cogr.2021.04.001","volume":"1","author":"J Wang","year":"2021","unstructured":"Wang J, Wang M (2021) Review of the emotional feature extraction and classification using EEG signals. Cognitive Robotics 1:29\u201340. https:\/\/doi.org\/10.1016\/j.cogr.2021.04.001","journal-title":"Cognitive Robotics"},{"key":"1794_CR86","doi-asserted-by":"publisher","first-page":"149","DOI":"10.1016\/j.patcog.2017.01.024","volume":"67","author":"M Gomez-Barrero","year":"2017","unstructured":"Gomez-Barrero M, Maiorana E, Galbally J, Campisi P, Fierrez J (2017) Multi-biometric template protection based on homomorphic encryption. Pattern Recogn 67:149\u2013163. https:\/\/doi.org\/10.1016\/j.patcog.2017.01.024","journal-title":"Pattern Recogn"},{"key":"1794_CR87","doi-asserted-by":"publisher","unstructured":"Neupane A, Saxena N, Hirshfield L (2017) Neural underpinnings of website legitimacy and familiarity detection. In: Proceedings of the 26th International Conference on World Wide Web. WWW \u201917: 26th International World Wide Web Conference. International World Wide Web Conferences Steering Committee. https:\/\/doi.org\/10.1145\/3038912.3052702","DOI":"10.1145\/3038912.3052702"},{"key":"1794_CR88","doi-asserted-by":"publisher","unstructured":"Neupane A, Saxena N, Kuruvilla K, Georgescu M, Kana R (2014) Neural signatures of user-centered security: An fMRI study of phishing, and malware warnings. In: Proceedings 2014 Network and Distributed System Security Symposium. Network and Distributed System Security Symposium. Internet Society. https:\/\/doi.org\/10.14722\/ndss.2014.23056","DOI":"10.14722\/ndss.2014.23056"}],"container-title":["Personal and Ubiquitous Computing"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s00779-024-01794-9.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s00779-024-01794-9\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s00779-024-01794-9.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,9,19]],"date-time":"2024-09-19T17:09:00Z","timestamp":1726765740000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s00779-024-01794-9"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,3,19]]},"references-count":88,"journal-issue":{"issue":"3-4","published-print":{"date-parts":[[2024,8]]}},"alternative-id":["1794"],"URL":"https:\/\/doi.org\/10.1007\/s00779-024-01794-9","relation":{},"ISSN":["1617-4909","1617-4917"],"issn-type":[{"value":"1617-4909","type":"print"},{"value":"1617-4917","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024,3,19]]},"assertion":[{"value":"13 March 2023","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"27 February 2024","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"19 March 2024","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"The authors declare no competing interests.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Conflict of interest"}}]}}