{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,13]],"date-time":"2026-04-13T12:57:19Z","timestamp":1776085039128,"version":"3.50.1"},"reference-count":194,"publisher":"Springer Science and Business Media LLC","issue":"2","license":[{"start":{"date-parts":[[2023,10,19]],"date-time":"2023-10-19T00:00:00Z","timestamp":1697673600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2023,10,19]],"date-time":"2023-10-19T00:00:00Z","timestamp":1697673600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Int. J. Inf. Secur."],"published-print":{"date-parts":[[2024,4]]},"DOI":"10.1007\/s10207-023-00768-x","type":"journal-article","created":{"date-parts":[[2023,10,19]],"date-time":"2023-10-19T19:02:10Z","timestamp":1697742130000},"page":"819-848","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":41,"title":["A comprehensive survey of phishing: mediums, intended targets, attack and defence techniques and a novel taxonomy"],"prefix":"10.1007","volume":"23","author":[{"given":"Richa","family":"Goenka","sequence":"first","affiliation":[]},{"given":"Meenu","family":"Chawla","sequence":"additional","affiliation":[]},{"given":"Namita","family":"Tiwari","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2023,10,19]]},"reference":[{"key":"768_CR1","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1016\/j.ijhcs.2018.06.004","volume":"120","author":"EJ Williams","year":"2018","unstructured":"Williams, E.J., Hinds, J., Joinson, A.N.: Exploring susceptibility to phishing in the workplace. Int. J. Hum. Comput. Stud. 120, 1\u201313 (2018)","journal-title":"Int. J. Hum. Comput. Stud."},{"issue":"3","key":"768_CR2","doi-asserted-by":"publisher","first-page":"3184","DOI":"10.1109\/TNSM.2021.3065422","volume":"18","author":"S Maroofi","year":"2021","unstructured":"Maroofi, S., Korczy\u0144ski, M., H\u00f6lzel, A., Duda, A.: Adoption of email anti-spoofing schemes: a large scale analysis. IEEE Trans. Netw. Serv. Manag. 18(3), 3184\u20133196 (2021)","journal-title":"IEEE Trans. Netw. Serv. Manag."},{"key":"768_CR3","doi-asserted-by":"publisher","DOI":"10.1016\/j.ijinfomgt.2020.102171","volume":"55","author":"N Pandey","year":"2020","unstructured":"Pandey, N., Pal, A., et al.: Impact of digital surge during COVID-19 pandemic: a viewpoint on research and practice. Int. J. Inf. Manag. 55, 102171 (2020)","journal-title":"Int. J. Inf. Manag."},{"key":"768_CR4","unstructured":"Beech, F.M..: Covid-19 pushes up internet use 70% and streaming more than 12%, first figures reveal. https:\/\/www.forbes.com\/sites\/markbeech\/2020\/03\/25\/covid-19-pushes-up-internet-use-70-streaming-more-than-12-first-figures-reveal\/?sh=1e813ced3104, (May 2020). Accessed June 2022"},{"key":"768_CR5","unstructured":"Akala, A.: More big employers are talking about permanent work-from-home positions. https:\/\/www.cnbc.com\/2020\/05\/01\/major-companies-talking-about-permanent-work-from-home-positions.html. Accessed June 2022"},{"key":"768_CR6","unstructured":"BBC News. Twitter allows staff to work from home \u201cforever\u201d. https:\/\/www.bbc.com\/news\/technology-52628119 (2020). Accessed June 2022"},{"key":"768_CR7","unstructured":"APWG. Phishing activity trends report-4th quarter (2022). https:\/\/apwg.org\/trendsreports\/. Accessed July 2023"},{"key":"768_CR8","doi-asserted-by":"publisher","first-page":"121916","DOI":"10.1109\/ACCESS.2021.3109091","volume":"9","author":"H Abroshan","year":"2021","unstructured":"Abroshan, H., Devos, J., Poels, G., Laermans, E.: Covid-19 and phishing: effects of human emotions, behavior, and demographics on the success of phishing attempts during the pandemic. IEEE Access 9, 121916\u2013121929 (2021)","journal-title":"IEEE Access"},{"key":"768_CR9","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2021.102248","volume":"105","author":"HS Lallie","year":"2021","unstructured":"Lallie, H.S., Shepherd, L.A., Nurse, J.R.C., Erola, A., Epiphaniou, G., Maple, C., Bellekens, X.: Cyber security in the age of Covid-19: a timeline and analysis of cyber-crime and cyber-attacks during the pandemic. Comput. Secur. 105, 102248 (2021)","journal-title":"Comput. Secur."},{"key":"768_CR10","unstructured":"BNP Media T. Kelly: How hackers are using Covid-19 to find new phishing victims. https:\/\/www.securitymagazine.com\/articles\/92666-how-hackers-are-using-covid-19-to-find-new-phishing-victims. Accessed June 2022"},{"key":"768_CR11","unstructured":"Cision: Phishing in a pandemic: 1 in 4 Americans received a Covid-19 related phishing email. https:\/\/www.prnewswire.com\/news-releases\/phishing-in-a-pandemic-1-in-4-americans-received-a-covid-19-related-phishing-email-301134037.html (2021). Accessed June 2022"},{"key":"768_CR12","unstructured":"Security Boulevard: Phishing statistics: the 29 latest phishing stats to know in 2020. https:\/\/securityboulevard.com\/2020\/04\/phishing-statistics-the-29-latest-phishing-stats-to-know-in-2020\/. Accessed June 2022"},{"key":"768_CR13","unstructured":"APWG: Phishing activity trends report-1st quarter 2020. https:\/\/docs.apwg.org\/reports\/apwg_trends_report_q1_2020.pdf?_ga=2.30422460.2018635328.1665064249-1448730527.1654753557 &_gl=1*a4rx10*_ga*MTQ0ODczMDUyNy4xNjU0NzUzNTU3*_ga_55RF0RHXSR*MTY2NTA2NDI0OC4xNS4xLjE2NjUwNjQ1MDYuMC4wLjA. Accessed April 2022"},{"key":"768_CR14","unstructured":"Stu Sjouwerman: Q1 2020 coronavirus-related phishing email attacks are up 600%. https:\/\/blog.knowbe4.com\/q1-2020-coronavirus-related-phishing-email-attacks-are-up-600. Accessed 15 Jan 2022"},{"key":"768_CR15","unstructured":"FBI: Internet crime report. https:\/\/www.ic3.gov\/Media\/PDF\/AnnualReport\/2020_IC3Report.pdf. Accessed 16 Feb 2022"},{"key":"768_CR16","doi-asserted-by":"publisher","DOI":"10.1002\/0470086106","volume-title":"Phishing and Countermeasures: Understanding the Increasing Problem of Electronic Identity Theft","author":"M Jakobsson","year":"2006","unstructured":"Jakobsson, M., Myers, S.: Phishing and Countermeasures: Understanding the Increasing Problem of Electronic Identity Theft. Wiley, New York (2006)"},{"key":"768_CR17","unstructured":"Ollmann, G.: The phishing guide understanding & preventing phishing attacks. NGS Software Insight Security Research (2004)"},{"key":"768_CR18","first-page":"433","volume-title":"Phishing Attacks and Countermeasures","author":"Z Ramzan","year":"2010","unstructured":"Ramzan, Z.: Phishing Attacks and Countermeasures, pp. 433\u2013448. Springer, Berlin (2010)"},{"issue":"4","key":"768_CR19","doi-asserted-by":"publisher","first-page":"2091","DOI":"10.1109\/SURV.2013.032213.00009","volume":"15","author":"M Khonji","year":"2013","unstructured":"Khonji, M., Iraqi, Y., Jones, A.: Phishing detection: a literature survey. IEEE Commun. Surv. Tutor. 15(4), 2091\u20132121 (2013)","journal-title":"IEEE Commun. Surv. Tutor."},{"issue":"4","key":"768_CR20","doi-asserted-by":"publisher","first-page":"2070","DOI":"10.1109\/SURV.2013.030713.00020","volume":"15","author":"A Almomani","year":"2013","unstructured":"Almomani, A., Gupta, B.B., Atawneh, S., Meulenberg, A., Almomani, E.: A survey of phishing email filtering techniques. IEEE Commun. Surv. Tutor. 15(4), 2070\u20132090 (2013)","journal-title":"IEEE Commun. Surv. Tutor."},{"key":"768_CR21","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1016\/j.cosrev.2015.04.001","volume":"17","author":"RM Mohammad","year":"2015","unstructured":"Mohammad, R.M., Thabtah, F., McCluskey, L.: Tutorial and critical analysis of phishing websites methods. Comput. Sci. Rev. 17, 1\u201324 (2015)","journal-title":"Comput. Sci. Rev."},{"issue":"1","key":"768_CR22","first-page":"3","volume":"12","author":"A Tewari","year":"2016","unstructured":"Tewari, A., Jain, A.K., Gupta, B.B.: Recent survey of various defense mechanisms against phishing attacks. J. Inf. Priv. Secur. 12(1), 3\u201313 (2016)","journal-title":"J. Inf. Priv. Secur."},{"issue":"18","key":"768_CR23","doi-asserted-by":"publisher","first-page":"6266","DOI":"10.1002\/sec.1674","volume":"9","author":"G Varshney","year":"2016","unstructured":"Varshney, G., Misra, M., Atrey, P.K.: A survey and classification of web phishing detection schemes. Secur. Commun. Netw. 9(18), 6266\u20136284 (2016)","journal-title":"Secur. Commun. Netw."},{"key":"768_CR24","doi-asserted-by":"publisher","first-page":"160","DOI":"10.1016\/j.cose.2017.04.006","volume":"68","author":"A Aleroud","year":"2017","unstructured":"Aleroud, A., Zhou, L.: Phishing environments, techniques, and countermeasures: A survey. Comput. Secur. 68, 160\u2013196 (2017)","journal-title":"Comput. Secur."},{"issue":"12","key":"768_CR25","doi-asserted-by":"publisher","first-page":"3629","DOI":"10.1007\/s00521-016-2275-y","volume":"28","author":"BB Gupta","year":"2017","unstructured":"Gupta, B.B., Tewari, A., Jain, A.K., Agrawal, D.P.: Fighting against phishing attacks: state of the art and future challenges. Neural Comput. Appl. 28(12), 3629\u20133654 (2017)","journal-title":"Neural Comput. Appl."},{"issue":"4","key":"768_CR26","doi-asserted-by":"publisher","first-page":"2797","DOI":"10.1109\/COMST.2017.2752087","volume":"19","author":"Z Dou","year":"2017","unstructured":"Dou, Z., Khalil, I., Khreishah, A., Al-Fuqaha, A., Guizani, M.: Systematization of knowledge (SOK): a systematic review of software-based web phishing detection. IEEE Commun. Surv. Tutor. 19(4), 2797\u20132819 (2017)","journal-title":"IEEE Commun. Surv. Tutor."},{"key":"768_CR27","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1016\/j.eswa.2018.03.050","volume":"106","author":"KL Chiew","year":"2018","unstructured":"Chiew, K.L., Yong, K.S.C., Tan, C.L.: A survey of phishing attacks: their types, vectors and technical approaches. Expert Syst. Appl. 106, 1\u201320 (2018)","journal-title":"Expert Syst. Appl."},{"key":"768_CR28","doi-asserted-by":"publisher","first-page":"44","DOI":"10.1016\/j.cosrev.2018.05.003","volume":"29","author":"I Qabajeh","year":"2018","unstructured":"Qabajeh, I., Thabtah, F., Chiclana, F.: A recent review of conventional vs. automated cybersecurity anti-phishing techniques. Comput. Sci. Rev. 29, 44\u201355 (2018)","journal-title":"Comput. Sci. Rev."},{"issue":"1","key":"768_CR29","doi-asserted-by":"publisher","first-page":"671","DOI":"10.1109\/COMST.2019.2957750","volume":"22","author":"A Das","year":"2019","unstructured":"Das, A., Baki, S., El Aassal, A., Verma, R., Dunbar, A.: Sok: a comprehensive reexamination of phishing research from the security perspective. IEEE Commun. Surv. Tutor. 22(1), 671\u2013708 (2019)","journal-title":"IEEE Commun. Surv. Tutor."},{"issue":"05","key":"768_CR30","doi-asserted-by":"publisher","first-page":"1930002","DOI":"10.1142\/S0218213019300023","volume":"28","author":"AA Akinyelu","year":"2019","unstructured":"Akinyelu, A.A.: Machine learning and nature inspired based phishing detection: a literature survey. Int. J. Artif. Intell. Tools 28(05), 1930002 (2019)","journal-title":"Int. J. Artif. Intell. Tools"},{"issue":"10","key":"768_CR31","doi-asserted-by":"publisher","first-page":"168","DOI":"10.3390\/fi12100168","volume":"12","author":"R Alabdan","year":"2020","unstructured":"Alabdan, R.: Phishing attacks survey: types, vectors, and technical approaches. Future Internet 12(10), 168 (2020)","journal-title":"Future Internet"},{"issue":"7","key":"768_CR32","doi-asserted-by":"publisher","first-page":"5019","DOI":"10.1007\/s10462-020-09814-9","volume":"53","author":"T Gangavarapu","year":"2020","unstructured":"Gangavarapu, T., Jaidhar, C.D., Chanduka, B.: Applicability of machine learning in spam and phishing email filtering: review and approaches. Artif. Intell. Rev. 53(7), 5019\u20135081 (2020)","journal-title":"Artif. Intell. Rev."},{"issue":"5","key":"768_CR33","doi-asserted-by":"publisher","first-page":"235","DOI":"10.1049\/iet-net.2020.0078","volume":"9","author":"M Vijayalakshmi","year":"2020","unstructured":"Vijayalakshmi, M., Shalinie, S.M., Yang, M.H., Meenakshi, U.R.: Web phishing detection techniques: a survey on the state-of-the-art, taxonomy and future directions. IET Netw. 9(5), 235\u2013246 (2020)","journal-title":"IET Netw."},{"key":"768_CR34","doi-asserted-by":"publisher","first-page":"80866","DOI":"10.1109\/ACCESS.2021.3084897","volume":"9","author":"J Lee","year":"2021","unstructured":"Lee, J., Lee, Y., Lee, D., Kwon, H., Shin, D.: Classification of attack types and analysis of attack methods for profiling phishing mail attack groups. IEEE Access 9, 80866\u201380872 (2021)","journal-title":"IEEE Access"},{"key":"768_CR35","doi-asserted-by":"publisher","DOI":"10.3389\/fcomp.2021.563060","volume":"3","author":"Z Alkhalil","year":"2021","unstructured":"Alkhalil, Z., Hewage, C., Nawaf, L., Khan, I.: Phishing attacks: a recent comprehensive study and a new anatomy. Front. Comput. Sci. 3, 563060 (2021)","journal-title":"Front. Comput. Sci."},{"issue":"4","key":"768_CR36","doi-asserted-by":"publisher","first-page":"527","DOI":"10.1080\/17517575.2021.1896786","volume":"16","author":"AK Jain","year":"2022","unstructured":"Jain, A.K., Gupta, B.B.: A survey of phishing attack techniques, defence mechanisms and open research challenges. Enterp. Inf. Syst. 16(4), 527\u2013565 (2022)","journal-title":"Enterp. Inf. Syst."},{"issue":"5","key":"768_CR37","doi-asserted-by":"publisher","first-page":"324","DOI":"10.1049\/ise2.12073","volume":"16","author":"AF Al-Qahtani","year":"2022","unstructured":"Al-Qahtani, A.F., Cresci, S.: The COVID-19 scamdemic: a survey of phishing attacks and their countermeasures during COVID-19. IET Inf. Secur. 16(5), 324\u2013345 (2022)","journal-title":"IET Inf. Secur."},{"issue":"1","key":"768_CR38","doi-asserted-by":"publisher","first-page":"139","DOI":"10.1007\/s11235-020-00733-2","volume":"76","author":"A Basit","year":"2021","unstructured":"Basit, A., Zafar, M., Liu, X., Javed, A.R., Jalil, Z., Kifayat, K.: A comprehensive survey of ai-enabled phishing attacks detection techniques. Telecommun. Syst. 76(1), 139\u2013154 (2021)","journal-title":"Telecommun. Syst."},{"key":"768_CR39","doi-asserted-by":"crossref","unstructured":"Salloum, S., Gaber, T., Vadera, S., Sharan, K.: A systematic literature review on phishing email detection using natural language processing techniques. IEEE Access (2022)","DOI":"10.1109\/ACCESS.2022.3183083"},{"key":"768_CR40","unstructured":"Abdillah, R., Shukur, Z., Mohd, M., Murah, M.Z.: A systematic literature review on phishing classification techniques . IEEE Access (2022)"},{"key":"768_CR41","unstructured":"Rekouche, K.: Early phishing. arXiv preprint arXiv:1106.4692 (2011)"},{"key":"768_CR42","unstructured":"BBC News: Twitter hack: staff tricked by phone spear-phishing scam. https:\/\/www.bbc.com\/news\/technology-53607374. Accessed Jan 2022"},{"key":"768_CR43","unstructured":"Twitter: An update on our security incident. https:\/\/blog.twitter.com\/en_us\/topics\/company\/2020\/an-update-on-our-security-incident (2020). Accessed Jan 2022"},{"key":"768_CR44","unstructured":"CNBC: How this scammer used phishing emails to steal over \\$100 million from google and facebook. https:\/\/www.cnbc.com\/2019\/03\/27\/phishing-email-scam-stole-100-million-from-facebook-and-google.html (2019). Accessed Jan 2022"},{"key":"768_CR45","unstructured":"Reuters: Austria\u2019s facc, hit by cyber fraud, fires CEO. https:\/\/www.reuters.com\/article\/us-facc-ceo-idUSKCN0YG0ZF (2016). Accessed Jan 2022"},{"key":"768_CR46","unstructured":"SecurityIntelligence: Ibm uncovers global phishing campaign targeting the covid-19 vaccine cold chain. https:\/\/securityintelligence.com\/posts\/ibm-uncovers-global-phishing-covid-19-vaccine-cold-chain\/. Accessed Jan 2022"},{"key":"768_CR47","doi-asserted-by":"crossref","unstructured":"Weider, D.Yu., Nargundkar, S., Tiruthani, N.: A phishing vulnerability analysis of web based systems. In: 2008 IEEE Symposium on Computers and Communications, pp. 326\u2013331. IEEE (2008)","DOI":"10.1109\/ISCC.2008.4625681"},{"key":"768_CR48","doi-asserted-by":"publisher","first-page":"171796","DOI":"10.1109\/ACCESS.2020.3024198","volume":"8","author":"S Nazah","year":"2020","unstructured":"Nazah, S., Huda, S., Abawajy, J., Hassan, M.M.: Evolution of dark web threat analysis and detection: a systematic approach. IEEE Access 8, 171796\u2013171819 (2020)","journal-title":"IEEE Access"},{"issue":"1","key":"768_CR49","first-page":"6","volume":"8","author":"RA Bates","year":"2016","unstructured":"Bates, R.A.: Tracking lone wolf terrorists. J. Public Prof. Sociol. 8(1), 6 (2016)","journal-title":"J. Public Prof. Sociol."},{"issue":"3","key":"768_CR50","doi-asserted-by":"publisher","first-page":"195","DOI":"10.1080\/1057610X.2015.1119546","volume":"39","author":"G Weimann","year":"2016","unstructured":"Weimann, G.: Going dark: terrorism on the dark web. Stud. Conf. Terror. 39(3), 195\u2013206 (2016)","journal-title":"Stud. Conf. Terror."},{"key":"768_CR51","unstructured":"E-ISAC and SANS: Analysis of the cyber attack on the Ukrainian power grid. https:\/\/media.kasperskycontenthub.com\/wp-content\/uploads\/sites\/43\/2016\/05\/20081514\/E-ISAC_SANS_Ukraine_DUC_5.pdf. Accessed Jan 2022"},{"key":"768_CR52","doi-asserted-by":"crossref","unstructured":"Verizon: Dbir:data breach investigations report. https:\/\/www.verizon.com\/business\/resources\/Tcd0\/reports\/dbir\/2022-data-breach-investigations-report-dbir.pdf (2022). Accessed Dec 2022","DOI":"10.12968\/S1361-3723(22)70578-7"},{"key":"768_CR53","doi-asserted-by":"crossref","unstructured":"SOPHOS: The state of ransomware 2022. https:\/\/assets.sophos.com\/X24WTUEQ\/at\/4zpw59pnkpxxnhfhgj9bxgj9\/sophos-state-of-ransomware-2022-wp.pdf. Accessed Oct 2022","DOI":"10.12968\/S1361-3723(22)70573-8"},{"issue":"1","key":"768_CR54","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1186\/s40163-019-0097-9","volume":"8","author":"G Hull","year":"2019","unstructured":"Hull, G., John, H., Arief, B.: Ransomware deployment methods and analysis: views from a predictive model and human responses. Crime Sci. 8(1), 1\u201322 (2019)","journal-title":"Crime Sci."},{"key":"768_CR55","doi-asserted-by":"publisher","first-page":"102","DOI":"10.1016\/j.cose.2012.10.002","volume":"32","author":"D Damopoulos","year":"2013","unstructured":"Damopoulos, D., Kambourakis, G., Gritzalis, S.: From keyloggers to touchloggers: take the rough with the smooth. Comput. Secur. 32, 102\u2013114 (2013)","journal-title":"Comput. Secur."},{"key":"768_CR56","unstructured":"Statista: Number of smartphone subscriptions worldwide from 2016 to 2021, with forecasts from 2022 to 2027. https:\/\/www.statista.com\/statistics\/330695\/number-of-smartphone-users-worldwide\/ (2022). Accessed June 2022"},{"key":"768_CR57","unstructured":"APWG: Phishing activity trends report-2nd quarter 2022. https:\/\/docs.apwg.org\/reports\/apwg_trends_report_q2_2022.pdf?_ga=2.45552807.263073049.1665252062-1448730527.1654753557 &_gl=1*14k5jc7*_ga*MTQ0ODczMDUyNy4xNjU0NzUzNTU3*_ga_55RF0RHXSR*MTY2NTI1ODU1NS4xOS4xLjE2NjUyNTg1NTkuMC4wLjA. Accessed April 2022"},{"key":"768_CR58","doi-asserted-by":"publisher","first-page":"519","DOI":"10.1016\/j.cose.2017.12.006","volume":"73","author":"Diksha Goel and Ankit Kumar Jain","year":"2018","unstructured":"Diksha Goel and Ankit Kumar Jain: Mobile phishing attacks and defence mechanisms: state of art and open research challenges. Comput. Secur. 73, 519\u2013544 (2018)","journal-title":"Comput. Secur."},{"issue":"4","key":"768_CR59","doi-asserted-by":"publisher","first-page":"3227","DOI":"10.1007\/s11277-022-09707-w","volume":"125","author":"AK Jain","year":"2022","unstructured":"Jain, A.K., Debnath, N., Jain, A.K.: APuML: an efficient approach to detect mobile phishing webpages using machine learning. Wirel. Pers. Commun. 125(4), 3227\u20133248 (2022)","journal-title":"Wirel. Pers. Commun."},{"issue":"03","key":"768_CR60","first-page":"206","volume":"6","author":"H Shahriar","year":"2015","unstructured":"Shahriar, H., Klintic, T., Clincy, V., et al.: Mobile phishing attacks and mitigation techniques. J. Inf. Secur. 6(03), 206 (2015)","journal-title":"J. Inf. Secur."},{"key":"768_CR61","unstructured":"Felt, A.P., Wagner, D.: Phishing on mobile devices (2011)"},{"key":"768_CR62","unstructured":"Business2Community: SMS marketing: texting your way to success. https:\/\/www.business2community.com\/digital-marketing\/sms-marketing-texting-your-way-to-success-02388639. Accessed June 2022"},{"key":"768_CR63","doi-asserted-by":"publisher","first-page":"803","DOI":"10.1016\/j.future.2020.03.021","volume":"108","author":"S Mishra","year":"2020","unstructured":"Mishra, S., Soni, D.: Smishing detector: a security model to detect smishing through SMS content analysis and URL behavior analysis. Futur. Gener. Comput. Syst. 108, 803\u2013815 (2020)","journal-title":"Futur. Gener. Comput. Syst."},{"key":"768_CR64","unstructured":"Jakobsson, M.: The human factor in phishing. Privacy Security of Consumer Information (2007)"},{"key":"768_CR65","doi-asserted-by":"publisher","first-page":"365","DOI":"10.1016\/j.jnca.2013.02.026","volume":"37","author":"HP Singh","year":"2014","unstructured":"Singh, H.P., Singh, S., Singh, J., Khan, S.A.: VoIP: state of art for global connectivity\u2014a critical review. J. Netw. Comput. Appl. 37, 365\u2013379 (2014)","journal-title":"J. Netw. Comput. Appl."},{"issue":"3","key":"768_CR66","doi-asserted-by":"publisher","first-page":"423","DOI":"10.1109\/TDSC.2016.2580509","volume":"15","author":"H Mustafa","year":"2016","unstructured":"Mustafa, H., Wenyuan, X., Sadeghi, A.-R., Schulz, S.: End-to-end detection of caller id spoofing attacks. IEEE Trans. Depend. Secure Comput. 15(3), 423\u2013436 (2016)","journal-title":"IEEE Trans. Depend. Secure Comput."},{"key":"768_CR67","unstructured":"DENSO\u00a0WAVE INCORPORATED. History of QR code. https:\/\/www.qrcode.com\/en\/history\/. Accessed Dec 2021"},{"issue":"1","key":"768_CR68","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1186\/s13640-016-0155-0","volume":"2017","author":"P-Y Lin","year":"2017","unstructured":"Lin, P.-Y., Chen, Y.-H.: High payload secret hiding technology for QR codes. EURASIP J. Image Video Process. 2017(1), 1\u20138 (2017)","journal-title":"EURASIP J. Image Video Process."},{"key":"768_CR69","doi-asserted-by":"crossref","unstructured":"Dabrowski, A., Krombholz, K., Ullrich, J., Weippl, E.R.: QR inception: barcode-in-barcode attacks. In: Proceedings of the 4th ACM Workshop on Security and Privacy in Smartphones & Mobile Devices, pp. 3\u201310 (2014)","DOI":"10.1145\/2666620.2666624"},{"key":"768_CR70","doi-asserted-by":"crossref","unstructured":"Vidas, T., Owusu, E., Wang, S., Zeng, C., Cranor, L.F., Christin, N.: Qrishing: the susceptibility of smartphone users to QR code phishing attacks. In: International Conference on Financial Cryptography and Data Security, pp. 52\u201369. Springer (2013)","DOI":"10.1007\/978-3-642-41320-9_4"},{"key":"768_CR71","doi-asserted-by":"crossref","unstructured":"Focardi, R., Luccio, F.L., Wahsheh, H.A.M.: Security threats and solutions for two-dimensional barcodes: a comparative study. In: Computer and Network Security Essentials, pp. 207\u2013219. Springer (2018)","DOI":"10.1007\/978-3-319-58424-9_12"},{"key":"768_CR72","doi-asserted-by":"crossref","unstructured":"Verizon: Dbir:data breach investigations report. https:\/\/www.verizon.com\/business\/resources\/reports\/2020-data-breach-investigations-report.pdf (2020). Accessed Dec 2021","DOI":"10.1016\/S1361-3723(20)30059-2"},{"key":"768_CR73","unstructured":"PhishLabs: Social media attacks doubled in 2021 according to latest phishlabs report. https:\/\/www.phishlabs.com\/news\/social-media-attacks-doubled-in-2021-according-to-latest-phishlabs-report\/ (2022). Accessed 3 Sept 2022"},{"issue":"10","key":"768_CR74","doi-asserted-by":"publisher","first-page":"94","DOI":"10.1145\/1290958.1290968","volume":"50","author":"TN Jagatic","year":"2007","unstructured":"Jagatic, T.N., Johnson, N.A., Jakobsson, M., Menczer, F.: Social phishing. Commun. ACM 50(10), 94\u2013100 (2007)","journal-title":"Commun. ACM"},{"key":"768_CR75","unstructured":"Cisco: Cybersecurity threat trends: phishing, crypto top the list. https:\/\/learn-umbrella.cisco.com\/ebook-library\/2021-cyber-security-threat-trends-phishing-crypto-top-the-list (2021). Accessed 3 Sept 2022"},{"key":"768_CR76","unstructured":"Avanan: 1h cyber attack report. https:\/\/www.avanan.com\/hubfs\/Content\/Collateral\/1H-Cyber-Attack-Report.pdf (2021). Accessed 3 Sept 2022"},{"key":"768_CR77","unstructured":"Statista: Number of internet and social media users worldwide as of July 2022. https:\/\/www.statista.com\/statistics\/617136\/digital-population-worldwide\/ (2022). Accessed 3 Sept 2022"},{"key":"768_CR78","unstructured":"Statista: 16% of all facebook accounts are fake or duplicates. https:\/\/www.statista.com\/chart\/20685\/duplicate-and-false-facebook-accounts\/ (2020). Accessed 20 Aug 2022"},{"key":"768_CR79","doi-asserted-by":"crossref","unstructured":"Song, Y., Yang, C., Gu, G.: Who is peeping at your passwords at starbucks? To catch an evil twin access point. In: 2010 IEEE\/IFIP International Conference on Dependable Systems & Networks (DSN), pp. 323\u2013332. IEEE (2010)","DOI":"10.1109\/DSN.2010.5544302"},{"issue":"15","key":"768_CR80","doi-asserted-by":"publisher","first-page":"2787","DOI":"10.1016\/j.comnet.2010.05.010","volume":"54","author":"L Atzori","year":"2010","unstructured":"Atzori, L., Iera, A., Morabito, G.: The internet of things: a survey. Comput. Netw. 54(15), 2787\u20132805 (2010)","journal-title":"Comput. Netw."},{"key":"768_CR81","doi-asserted-by":"crossref","unstructured":"Sharma, R., Mahapatra, R.\u00a0P., Sharma, N.: The internet of things and its applications in cyber security. In: A Handbook of Internet of Things in Biomedical and Cyber Physical System, pp. 87\u2013108 (2020)","DOI":"10.1007\/978-3-030-23983-1_4"},{"key":"768_CR82","doi-asserted-by":"publisher","first-page":"2327","DOI":"10.1007\/s12083-020-00944-z","volume":"14","author":"K Nirmal","year":"2021","unstructured":"Nirmal, K., Janet, B., Kumar, R.: Analyzing and eliminating phishing threats in IoT, network and other web applications using iterative intersection. Peer-to-Peer Netw. Appl. 14, 2327\u20132339 (2021)","journal-title":"Peer-to-Peer Netw. Appl."},{"key":"768_CR83","doi-asserted-by":"publisher","first-page":"909","DOI":"10.1016\/j.future.2018.04.027","volume":"108","author":"A Tewari","year":"2020","unstructured":"Tewari, A., Gupta, B.B.: Security, privacy and trust of different layers in internet-of-things (IoTs) framework. Future Gener. Comput. Syst. 108, 909\u2013920 (2020)","journal-title":"Future Gener. Comput. Syst."},{"key":"768_CR84","unstructured":"PaloAlto Networks. 2020 unit 42 IoT threat report. https:\/\/start.paloaltonetworks.com\/unit-42-iot-threat-report. Accessed July 2023"},{"issue":"1","key":"768_CR85","doi-asserted-by":"publisher","first-page":"28","DOI":"10.1109\/MSP.2013.106","volume":"12","author":"DD Caputo","year":"2013","unstructured":"Caputo, D.D., Pfleeger, S.L., Freeman, J.D., Johnson, M.E.: Going spear phishing: exploring embedded training and awareness. IEEE Secur. Priv. 12(1), 28\u201338 (2013)","journal-title":"IEEE Secur. Priv."},{"issue":"1","key":"768_CR86","doi-asserted-by":"publisher","first-page":"8","DOI":"10.1016\/S1361-3723(12)70007-6","volume":"2012","author":"B Parmar","year":"2012","unstructured":"Parmar, B.: Protecting against spear-phishing. Comput. Fraud Secur. 2012(1), 8\u201311 (2012)","journal-title":"Comput. Fraud Secur."},{"issue":"4","key":"768_CR87","doi-asserted-by":"publisher","first-page":"345","DOI":"10.1109\/TPC.2012.2208392","volume":"55","author":"J Wang","year":"2012","unstructured":"Wang, J., Herath, T., Chen, R., Vishwanath, A., Rao, H.R.: Research article phishing susceptibility: an investigation into the processing of a targeted spear phishing email. IEEE Trans. Prof. Commun. 55(4), 345\u2013362 (2012)","journal-title":"IEEE Trans. Prof. Commun."},{"key":"768_CR88","unstructured":"Symantec: Istr:internet security threat report. https:\/\/docs.broadcom.com\/doc\/istr-24-2019-en (2019). Accessed 23 Apr 2022"},{"key":"768_CR89","doi-asserted-by":"publisher","DOI":"10.1016\/j.tele.2020.101343","volume":"48","author":"Y Kwak","year":"2020","unstructured":"Kwak, Y., Lee, S., Damiano, A., Vishwanath, A.: Why do users not report spear phishing emails? Telemat. Inf. 48, 101343 (2020)","journal-title":"Telemat. Inf."},{"key":"768_CR90","unstructured":"Al-Musib, N.S., Al-Serhani, F.M., Humayun, M., Jhanjhi, N.Z.: Business email compromise (BEC) attacks. Mater. Today Proc. (2021)"},{"key":"768_CR91","unstructured":"FBI. Public service announcement. https:\/\/www.ic3.gov\/Media\/Y2022\/PSA220504 (2022). Accessed 23 Apr 2022"},{"key":"768_CR92","unstructured":"FBI. Public service announcement. https:\/\/www.ic3.gov\/Media\/Y2022\/PSA220216 (2022). Accessed 23 Apr 2022"},{"key":"768_CR93","doi-asserted-by":"crossref","unstructured":"Le\u00a0Page, S., Jourdan, G.-V.: Victim or attacker? A multi-dataset domain classification of phishing attacks. In: 2019 17th International Conference on Privacy, Security and Trust (PST), pp. 1\u201310. IEEE (2019)","DOI":"10.1109\/PST47121.2019.8949038"},{"key":"768_CR94","doi-asserted-by":"crossref","unstructured":"Corona, I., Biggio, B., Contini, M., Piras, L., Corda, R., Mereu, M., Mureddu, G., Ariu, D., Roli, F.: Deltaphish: detecting phishing webpages in compromised websites. In: European Symposium on Research in Computer Security, pp. 370\u2013388. Springer (2017)","DOI":"10.1007\/978-3-319-66402-6_22"},{"key":"768_CR95","doi-asserted-by":"crossref","unstructured":"Moore, T., Clayton, R.: Examining the impact of website take-down on phishing. In: Proceedings of the anti-phishing working groups 2nd annual eCrime researchers summit, pp. 1\u201313 (2007)","DOI":"10.1145\/1299015.1299016"},{"key":"768_CR96","unstructured":"PhishLabs. Most phishing attacks use compromised domains and free hosting. https:\/\/www.phishlabs.com\/blog\/most-phishing-attacks-use-compromised-domains-and-free-hosting\/ (2021). Accessed 14 Feb 2022"},{"issue":"1","key":"768_CR97","first-page":"21","volume":"30","author":"MB Pope","year":"2012","unstructured":"Pope, M.B., Warkentin, M., Mutchler, L.A., Luo, X.R.: The domain name system-past, present, and future. Commun. Assoc. Inf. Syst. 30(1), 21 (2012)","journal-title":"Commun. Assoc. Inf. Syst."},{"issue":"11","key":"768_CR98","doi-asserted-by":"publisher","first-page":"656","DOI":"10.1049\/el.2011.0399","volume":"47","author":"H Kim","year":"2011","unstructured":"Kim, H., Huh, J.H.: Detecting DNS-poisoning-based phishing attacks from their network performance characteristics. Electron. Lett. 47(11), 656\u2013658 (2011)","journal-title":"Electron. Lett."},{"key":"768_CR99","doi-asserted-by":"crossref","unstructured":"Perdisci, R., Antonakakis, M., Luo, X., Lee, W.: WSEC DNS: protecting recursive DNS resolvers from poisoning attacks. In: 2009 IEEE\/IFIP International Conference on Dependable Systems & Networks, pp. 3\u201312. IEEE (2009)","DOI":"10.1109\/DSN.2009.5270363"},{"key":"768_CR100","doi-asserted-by":"crossref","unstructured":"Schiller, C.A., Binkley, J., Harley, D., Evron, G., Bradley, T., Willems, C., Cross, M.: Botnets overview. In: Botnets, pp. 29\u201375. Syngress (2007)","DOI":"10.1016\/B978-159749135-8\/50004-4"},{"key":"768_CR101","doi-asserted-by":"crossref","unstructured":"Vural, I., Venter, H.: Detecting mobile spam botnets using artificial immune systems. In: IFIP International Conference on Digital Forensics, pp. 183\u2013192. Springer (2011)","DOI":"10.1007\/978-3-642-24212-0_14"},{"issue":"4\u20136","key":"768_CR102","doi-asserted-by":"publisher","first-page":"127","DOI":"10.1080\/19393555.2015.1075629","volume":"24","author":"N Negash","year":"2015","unstructured":"Negash, N., Che, X.: An overview of modern botnets. Inf. Secur. J. Glob. Perspect. 24(4\u20136), 127\u2013132 (2015)","journal-title":"Inf. Secur. J. Glob. Perspect."},{"key":"768_CR103","unstructured":"Milletary, J., CERT\u00a0Coordination Center.: Technical trends in phishing attacks. Retrieved December 1(2007):3 (2005)"},{"issue":"1","key":"768_CR104","doi-asserted-by":"publisher","first-page":"512","DOI":"10.1007\/s13198-015-0376-0","volume":"8","author":"S Gupta","year":"2017","unstructured":"Gupta, S., Gupta, B.B.: Cross-site scripting (XSS) attacks and defense mechanisms: classification and state-of-the-art. Int. J. Syst. Assur. Eng. Manag. 8(1), 512\u2013530 (2017)","journal-title":"Int. J. Syst. Assur. Eng. Manag."},{"key":"768_CR105","unstructured":"Ruderman, J.: The same origin policy. http:\/\/www.mozilla.org\/projects\/security\/components\/same-origin.html (2001)"},{"key":"768_CR106","unstructured":"Patchstack. State of wordpress security in 2021. https:\/\/patchstack.com\/wp-content\/uploads\/2022\/03\/Patchstack-%E2%80%93-State-Of-WordPress-Security-In-2021.pdf (2022). Accessed 15 May 2022"},{"key":"768_CR107","doi-asserted-by":"crossref","unstructured":"Nagar, N., Suman, U.: Prevention, detection, and recovery of CSRF attack in online banking system. In: Online banking security measures and data protection, pp. 172\u2013188. IGI Global (2017)","DOI":"10.4018\/978-1-5225-0864-9.ch011"},{"key":"768_CR108","doi-asserted-by":"publisher","DOI":"10.1088\/1742-6596\/1738\/1\/012073","volume":"1738","author":"J Zhang","year":"2021","unstructured":"Zhang, J., Hu, H., Huo, S.: A browser-based cross site request forgery detection model. J. Phys. Conf. Ser. 1738, 012073 (2021)","journal-title":"J. Phys. Conf. Ser."},{"key":"768_CR109","doi-asserted-by":"crossref","unstructured":"Gelernter, N., Herzberg, A.: Tell me about yourself: the malicious captcha attack. In: Proceedings of the 25th International Conference on World Wide Web, pp. 999\u20131008 (2016)","DOI":"10.1145\/2872427.2883005"},{"key":"768_CR110","doi-asserted-by":"publisher","first-page":"487","DOI":"10.1016\/j.sbspro.2010.12.185","volume":"9","author":"N Yal\u00e7\u0131n","year":"2010","unstructured":"Yal\u00e7\u0131n, N., K\u00f6se, U.: What is search engine optimization: Seo? Procedia Soc. Behav. Sci. 9, 487\u2013493 (2010)","journal-title":"Procedia Soc. Behav. Sci."},{"issue":"1","key":"768_CR111","first-page":"247","volume":"10","author":"JA Chaudhry","year":"2016","unstructured":"Chaudhry, J.A., Chaudhry, S.A., Rittenhouse, R.G.: Phishing attacks and defenses. Int. J. Secur. Appl. 10(1), 247\u2013256 (2016)","journal-title":"Int. J. Secur. Appl."},{"issue":"1","key":"768_CR112","first-page":"72","volume":"3","author":"T Nagunwa","year":"2014","unstructured":"Nagunwa, T.: Behind identity theft and fraud in cyberspace: the current landscape of phishing vectors. Int. J. Cyber-Secur. Digit. Forensics IJCSDF 3(1), 72\u201383 (2014)","journal-title":"Int. J. Cyber-Secur. Digit. Forensics IJCSDF"},{"key":"768_CR113","doi-asserted-by":"publisher","DOI":"10.1016\/j.cosrev.2022.100469","volume":"45","author":"O van der Toorn","year":"2022","unstructured":"van der Toorn, O., M\u00fcller, M., Dickinson, S., Hesselman, C., Sperotto, A., van Rijswijk-Deij, R.: Addressing the challenges of modern DNS a comprehensive tutorial. Comput. Sci. Rev. 45, 100469 (2022)","journal-title":"Comput. Sci. Rev."},{"issue":"31\u201336","key":"768_CR114","first-page":"2","volume":"6","author":"Y-M Wang","year":"2006","unstructured":"Wang, Y.-M., Beck, D., Wang, J., Verbowski, C., Daniels, B.: Strider typo-patrol: discovery and analysis of systematic typo-squatting. SRUTI 6(31\u201336), 2\u20132 (2006)","journal-title":"SRUTI"},{"key":"768_CR115","doi-asserted-by":"crossref","unstructured":"Spaulding, J., Nyang, D., Mohaisen, A.: Understanding the effectiveness of typosquatting techniques. In: Proceedings of the fifth ACM\/IEEE Workshop on Hot Topics in Web Systems and Technologies, pp. 1\u20138 (2017)","DOI":"10.1145\/3132465.3132467"},{"key":"768_CR116","doi-asserted-by":"crossref","unstructured":"Moore, T., Edelman, B.: Measuring the perpetrators and funders of typosquatting. In: International Conference on Financial Cryptography and Data Security, pp. 175\u2013191. Springer (2010)","DOI":"10.1007\/978-3-642-14577-3_15"},{"key":"768_CR117","unstructured":"Dinaburg, A.: Bitsquatting: Dns hijacking without exploitation (2011)"},{"key":"768_CR118","doi-asserted-by":"crossref","unstructured":"Nikiforakis, N., Balduzzi, M., Desmet, L., Piessens, F., Joosen, W.: Soundsquatting: uncovering the use of homophones in domain squatting. In: International Conference on Information Security, pp. 291\u2013308. Springer (2014)","DOI":"10.1007\/978-3-319-13257-0_17"},{"key":"768_CR119","unstructured":"Holgers, T., Watson, D.E., Gribble, S.D.: Cutting through the confusion: a measurement study of homograph attacks. In: USENIX Annual Technical Conference, General Track, pp. 261\u2013266 (2006)"},{"key":"768_CR120","doi-asserted-by":"crossref","unstructured":"Kintis, P., Miramirkhani, N., Lever, C., Chen, Y., Romero-G\u00f3mez, R., Pitropakis, N., Nikiforakis, N., Antonakakis, M.: Hiding in plain sight: a longitudinal study of combosquatting abuse. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, pp. 569\u2013586 (2017)","DOI":"10.1145\/3133956.3134002"},{"key":"768_CR121","doi-asserted-by":"crossref","unstructured":"Zeng, Y., Zang, T., Zhang, Y., Chen, X., Wang, Y.: A comprehensive measurement study of domain-squatting abuse. In: ICC 2019-2019 IEEE International Conference on Communications (ICC), pp. 1\u20136. IEEE (2019)","DOI":"10.1109\/ICC.2019.8761388"},{"key":"768_CR122","doi-asserted-by":"crossref","unstructured":"Nikiforakis, N., Van\u00a0Acker, S., Meert, W., Desmet, L., Piessens, F., Joosen, W.: Bitsquatting: exploiting bit-flips for fun, or profit? In: Proceedings of the 22nd international conference on World Wide Web, pp. 989\u2013998 (2013)","DOI":"10.1145\/2488388.2488474"},{"key":"768_CR123","unstructured":"Rader, M., Rahman, S.: Exploring historical and emerging phishing techniques and mitigating the associated security risks. arXiv preprint arXiv:1512.00082 (2015)"},{"key":"768_CR124","doi-asserted-by":"crossref","unstructured":"Skolka, P., Staicu, C.-A., Pradel, M.: Anything to hide? Studying minified and obfuscated code in the web. In: The World Wide Web Conference, pp. 1735\u20131746 (2019)","DOI":"10.1145\/3308558.3313752"},{"key":"768_CR125","unstructured":"APWG. Phishing activity trends report-4th quarter 2020. https:\/\/docs.apwg.org\/reports\/apwg_trends_report_q4_2020.pdf?_ga=2.52213802.263073049.1665252062-1448730527.1654753557 &_gl=1*1imdh26*_ga*MTQ0ODczMDUyNy4xNjU0NzUzNTU3*_ga_55RF0RHXSR*MTY2NTI1MjA2MS4xOC4wLjE2NjUyNTIzNTMuMC4wLjA (2021). Accessed April 2022"},{"key":"768_CR126","doi-asserted-by":"crossref","unstructured":"Sarker, S., Jueckstock, J., Kapravelos, A.: Hiding in plain site: detecting javascript obfuscation through concealed browser api usage. In: Proceedings of the ACM Internet Measurement Conference, pp. 648\u2013661 (2020)","DOI":"10.1145\/3419394.3423616"},{"key":"768_CR127","doi-asserted-by":"crossref","unstructured":"Romano, A., Lehmann, D., Pradel, M., Wang, W.: Wobfuscator: Obfuscating javascript malware via opportunistic translation to webassembly. In: Proceedings of the 2022 IEEE Symposium on Security and Privacy (S &P 2022), pp. 1101\u20131116 (2022)","DOI":"10.1109\/SP46214.2022.9833626"},{"issue":"1","key":"768_CR128","first-page":"46","volume":"12","author":"K Bagchi","year":"2003","unstructured":"Bagchi, K., Udo, G.: An analysis of the growth of computer and internet security breaches. Commun. Assoc. Inf. Syst. 12(1), 46 (2003)","journal-title":"Commun. Assoc. Inf. Syst."},{"key":"768_CR129","first-page":"24","volume":"6","author":"DT Loughran","year":"2018","unstructured":"Loughran, D.T., Salih, M.K., Subburaj, V.H.: All about SQL injection attacks. J. Colloq. Inf. Syst. Secur. Educ. 6, 24\u201324 (2018)","journal-title":"J. Colloq. Inf. Syst. Secur. Educ."},{"issue":"5","key":"768_CR130","doi-asserted-by":"publisher","first-page":"195","DOI":"10.14257\/ijunesst.2015.8.5.18","volume":"8","author":"DR Patil","year":"2015","unstructured":"Patil, D.R., Patil, J.B.: Survey on malicious web pages detection techniques. Int. J. u-and e-Serv. Sci. Technol. 8(5), 195\u2013206 (2015)","journal-title":"Int. J. u-and e-Serv. Sci. Technol."},{"issue":"3","key":"768_CR131","doi-asserted-by":"publisher","first-page":"2027","DOI":"10.1109\/COMST.2016.2548426","volume":"18","author":"M Conti","year":"2016","unstructured":"Conti, M., Dragoni, N., Lesyk, V.: A survey of man in the middle attacks. IEEE Commun. Surv. Tutor. 18(3), 2027\u20132051 (2016)","journal-title":"IEEE Commun. Surv. Tutor."},{"issue":"4","key":"768_CR132","doi-asserted-by":"publisher","first-page":"2845","DOI":"10.1007\/s11277-021-08852-y","volume":"121","author":"R Sahani","year":"2021","unstructured":"Sahani, R., Randhawa, S.: Clickjacking: Beware of clicking. Wirel. Pers. Commun. 121(4), 2845\u20132855 (2021)","journal-title":"Wirel. Pers. Commun."},{"issue":"4\u20136","key":"768_CR133","doi-asserted-by":"publisher","first-page":"137","DOI":"10.1080\/19393555.2014.931489","volume":"23","author":"H Shahriar","year":"2014","unstructured":"Shahriar, H., Devendran, V.K.: Classification of clickjacking attacks and detection techniques. Inf. Secur. J. A Glob. Perspect. 23(4\u20136), 137\u2013147 (2014)","journal-title":"Inf. Secur. J. A Glob. Perspect."},{"key":"768_CR134","doi-asserted-by":"crossref","unstructured":"Sinha, R., Uppal, D., Singh, D., Rathi, R.: Clickjacking: existing defenses and some novel approaches. In: 2014 International Conference on Signal Propagation and Computer Technology (ICSPCT 2014), pp 396\u2013401. IEEE (2014)","DOI":"10.1109\/ICSPCT.2014.6884934"},{"key":"768_CR135","unstructured":"Akhawe, D., He, W., Li, Z., Moazzezi, R., Song, D.: Clickjacking revisited: a perceptual view of $$\\{$$UI$$\\}$$ security. In: 8th USENIX workshop on offensive technologies (WOOT 14) (2014)"},{"key":"768_CR136","unstructured":"Stone, P.: Next generation clickjacking. BlackHat Europe (2010)"},{"key":"768_CR137","unstructured":"Huang, L.-S., Moshchuk, A., Wang, H.J., Schecter, S., Jackson, C.: Clickjacking: attacks and defenses. In: 21st USENIX Security Symposium (USENIX Security 12), pp. 413\u2013428 (2012)"},{"key":"768_CR138","doi-asserted-by":"publisher","first-page":"47","DOI":"10.1016\/j.comcom.2021.04.023","volume":"175","author":"BB Gupta","year":"2021","unstructured":"Gupta, B.B., Yadav, K., Razzak, I., Psannis, K., Castiglione, A., Chang, X.: A novel approach for phishing URLs detection using lexical based machine learning in a real-time environment. Comput. Commun. 175, 47\u201357 (2021)","journal-title":"Comput. Commun."},{"issue":"5","key":"768_CR139","doi-asserted-by":"publisher","first-page":"2015","DOI":"10.1007\/s12652-018-0798-z","volume":"10","author":"AK Jain","year":"2019","unstructured":"Jain, A.K., Gupta, B.B.: A machine learning based approach for phishing detection using hyperlinks information. J. Amb. Intell. Hum. Comput. 10(5), 2015\u20132028 (2019)","journal-title":"J. Amb. Intell. Hum. Comput."},{"issue":"1","key":"768_CR140","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/s13278-021-00829-w","volume":"11","author":"AV Ramana","year":"2021","unstructured":"Ramana, A.V., Rao, K.L., Rao, R.S.: Stop-phish: an intelligent phishing detection method using feature selection ensemble. Soc. Netw. Anal. Min. 11(1), 1\u20139 (2021)","journal-title":"Soc. Netw. Anal. Min."},{"issue":"11","key":"768_CR141","doi-asserted-by":"publisher","first-page":"5733","DOI":"10.1007\/s00521-020-05354-z","volume":"33","author":"RS Rao","year":"2021","unstructured":"Rao, R.S., Pais, A.R., Anand, P.: A heuristic technique to detect phishing websites using TWSVM classifier. Neural Comput. Appl. 33(11), 5733\u20135752 (2021)","journal-title":"Neural Comput. Appl."},{"key":"768_CR142","doi-asserted-by":"publisher","first-page":"246","DOI":"10.1016\/j.cose.2019.02.011","volume":"83","author":"RS Rao","year":"2019","unstructured":"Rao, R.S., Pais, A.R.: Jail-phish: an improved search engine based phishing detection system. Comput. Secur. 83, 246\u2013267 (2019)","journal-title":"Comput. Secur."},{"issue":"6","key":"768_CR143","first-page":"90","volume":"1","author":"RK Suri","year":"2012","unstructured":"Suri, R.K., Tomar, D.S., Sahu, D.R.: An approach to perceive tabnabbing attack. Int. J. Sci. Technol. Res. 1(6), 90\u201394 (2012)","journal-title":"Int. J. Sci. Technol. Res."},{"key":"768_CR144","unstructured":"Raskin, A.: Tabnabbing: a new type of phishing attack. l\u00ednea. http:\/\/www.azarask.in\/blog\/post\/a-new-type-of-phishing-attack\/. [\u00daltimo acceso: 10 12 2013] (2010)"},{"key":"768_CR145","unstructured":"Kolsek, M.: Session fixation vulnerability in web-based applications. ACROS Security. http:\/\/www.acrossecurity.com\/papers\/sessionfixation.pdf (2002)"},{"key":"768_CR146","unstructured":"Kaspersky. Phishing-kit market: what\u2019s inside \u201coff-the-shelf\u201d phishing packages. https:\/\/securelist.com\/phishing-kit-market-whats-inside-off-the-shelf-phishing-packages\/106149\/ (2022). Accessed 25 Aug 2022"},{"key":"768_CR147","unstructured":"Kaspersky. How scammers are creating thousands of fake pages using phishing kits. https:\/\/usa.kaspersky.com\/about\/press-releases\/2022_quick-cheap-and-dangerous-how-scammers-are-creating-thousands-of-fake-pages-using-phishing-kits (2022). Accessed 25 Aug 2022"},{"key":"768_CR148","doi-asserted-by":"crossref","unstructured":"Bahnsen, A.C., Torroledo, I., Camacho, L.D., Villegas, S.: Deepphish: simulating malicious AI. In: 2018 APWG Symposium on Electronic Crime Research (eCrime), pp. 1\u20138 (2018)","DOI":"10.1109\/ECRIME.2017.7945048"},{"key":"768_CR149","unstructured":"Group-IB. https:\/\/www.group-ib.com\/media-center\/press-releases\/phishing-kits-2022\/ (2023). Accessed Sep 2023"},{"key":"768_CR150","unstructured":"CNBC. https:\/\/www.cnbc.com\/2023\/01\/07\/phishing-attacks-are-increasing-and-getting-more-sophisticated.html (2023). Accessed July 2023"},{"key":"768_CR151","doi-asserted-by":"crossref","unstructured":"Dupuis, M., Geiger, T., Slayton, M., Dewing, F.: The use and non-use of cybersecurity tools among consumers: do they want help? In: Proceedings of the 20th Annual SIG Conference on Information Technology Education, pp. 81\u201386 (2019)","DOI":"10.1145\/3349266.3351419"},{"key":"768_CR152","unstructured":"SECTRIO. https:\/\/sectrio.com\/iot-security-reports\/2023-ot-iot-threat-landscape-report\/ (2023). Accessed July 2023"},{"key":"768_CR153","unstructured":"Proofpoint. https:\/\/www.proofpoint.com\/sites\/default\/files\/threat-reports\/pfpt-us-tr-state-of-the-phish-2023.pdf (2023). Accessed Sep 2023"},{"key":"768_CR154","unstructured":"Check Point. https:\/\/www.avanan.com\/hubfs\/2022-Defender-Report\/WP_Avanan_Keeping_Your_Emails_Secure_Who_Does_It_Best.pdf (2022). Accessed Sep 2023"},{"key":"768_CR155","unstructured":"Abnormal Society. https:\/\/cdn2.assets-servd.host\/gifted-zorilla\/production\/files\/Read-Alert-Data-Shows-28-of-BEC-Attacks-Opened-by-Employees.pdf?dm=1675457683 (2023). Accessed Sep 2023"},{"key":"768_CR156","unstructured":"AKAMAI. https:\/\/www.akamai.com\/blog\/security\/over-25-percent-of-malicious-javascript-is-being-obfuscated (2021). Accessed July 2023"},{"key":"768_CR157","unstructured":"AKAMAI. https:\/\/www.akamai.com\/blog\/security\/web-application-and-api-protection-from-sql-injection-to-magecart (2020). Accessed July 2023"},{"key":"768_CR158","unstructured":"COMPARITECH. https:\/\/www.comparitech.com\/blog\/information-security\/botnet-statistics\/ (2022). Accessed July 2023"},{"key":"768_CR159","unstructured":"ZedNET. https:\/\/www.zdnet.com\/article\/clickjacking-scripts-found-on-613-popular-sites-academics-say\/\/ (2019). Accessed July 2023"},{"key":"768_CR160","unstructured":"F5 Labs. https:\/\/www.f5.com\/content\/dam\/f5-labs-v2\/article\/articles\/threats\/22--2020-oct-dec\/20201110_2020_phishing_report\/F5Labs-2020-Phishing-and-Fraud-Report.pdf (2020). Accessed July 2023"},{"key":"768_CR161","unstructured":"CheckPoint. https:\/\/blog.checkpoint.com\/security\/social-networks-most-likely-to-be-imitated-by-criminal-groups-with-linkedin-now-accounting-for-half-of-all-phishing-attempts-worldwide\/ (2022). Accessed July 2023"},{"key":"768_CR162","doi-asserted-by":"crossref","unstructured":"Rao, R.S., Pais, A.R.: An enhanced blacklist method to detect phishing websites. In: International Conference on Information Systems Security, pp. 323\u2013333. Springer (2017)","DOI":"10.1007\/978-3-319-72598-7_20"},{"key":"768_CR163","doi-asserted-by":"crossref","unstructured":"Bell, S., Komisarczuk, P.: An analysis of phishing blacklists: Google safe browsing, openphish, and phishtank. In: Proceedings of the Australasian Computer Science Week Multiconference, pp. 1\u201311 (2020)","DOI":"10.1145\/3373017.3373020"},{"key":"768_CR164","doi-asserted-by":"crossref","unstructured":"Prakash, P., Kumar, M., Kompella, R\u00a0R., Gupta, M.: Phishnet: predictive blacklisting to detect phishing attacks. In: 2010 Proceedings IEEE INFOCOM, pp. 1\u20135. IEEE (2010)","DOI":"10.1109\/INFCOM.2010.5462216"},{"issue":"15","key":"768_CR165","doi-asserted-by":"publisher","first-page":"11861","DOI":"10.1016\/j.eswa.2012.02.020","volume":"39","author":"W Han","year":"2012","unstructured":"Han, W., Cao, Y., Bertino, E., Yong, J.: Using automated individual white-list to protect web digital identities. Expert Syst. Appl. 39(15), 11861\u201311869 (2012)","journal-title":"Expert Syst. Appl."},{"issue":"1","key":"768_CR166","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1186\/s13635-015-0028-6","volume":"2016","author":"AK Jain","year":"2016","unstructured":"Jain, A.K., Gupta, B.B.: A novel approach to protect against phishing attacks at client side using auto-updated white-list. EURASIP J. Inf. Secur. 2016(1), 1\u201311 (2016)","journal-title":"EURASIP J. Inf. Secur."},{"key":"768_CR167","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2021.102328","volume":"108","author":"NA Azeez","year":"2021","unstructured":"Azeez, N.A., Misra, S., Margaret, I.A., Fernandez-Sanz, L., et al.: Adopting automated whitelist approach for detecting phishing attacks. Comput. Secur. 108, 102328 (2021)","journal-title":"Comput. Secur."},{"key":"768_CR168","unstructured":"Sheng, S., Wardman, B., Warner, G., Hong, J., Zhang, C.: An empirical analysis of phishing blacklists. Lorrie Cranor (2009)"},{"key":"768_CR169","doi-asserted-by":"publisher","first-page":"345","DOI":"10.1016\/j.eswa.2018.09.029","volume":"117","author":"OK Sahingoz","year":"2019","unstructured":"Sahingoz, O.K., Buber, E., Demir, O., Diri, B.: Machine learning based phishing detection from URLs. Expert Syst. Appl. 117, 345\u2013357 (2019)","journal-title":"Expert Syst. Appl."},{"key":"768_CR170","doi-asserted-by":"crossref","unstructured":"Jain, A.K., Gupta, B.B.: Phish-safe: URL features-based phishing detection system using machine learning. In: Cyber Security, pp. 467\u2013474. Springer (2018)","DOI":"10.1007\/978-981-10-8536-9_44"},{"key":"768_CR171","doi-asserted-by":"crossref","unstructured":"Ali, M.S., Jain, A.K.: Efficient feature selection approach for detection of phishing URL of Covid-19 era. In: International Conference on Cyber Security, Privacy and Networking, pp. 45\u201356. Springer (2021)","DOI":"10.1007\/978-3-031-22018-0_5"},{"key":"768_CR172","doi-asserted-by":"publisher","first-page":"1102","DOI":"10.1016\/j.procs.2020.04.118","volume":"171","author":"AK Jain","year":"2020","unstructured":"Jain, A.K., Parashar, S., Katare, P., Sharma, I.: Phishskape: a content based approach to escape phishing attacks. Procedia Comput. Sci. 171, 1102\u20131109 (2020)","journal-title":"Procedia Comput. Sci."},{"key":"768_CR173","doi-asserted-by":"crossref","unstructured":"Rao, R.S., Umarekar, A., Pais, A.R.: Application of word embedding and machine learning in detecting phishing websites. Telecommun. Syst. 1\u201313 (2022)","DOI":"10.1007\/s11235-021-00850-6"},{"key":"768_CR174","doi-asserted-by":"publisher","first-page":"213","DOI":"10.1016\/j.cose.2016.08.003","volume":"62","author":"G Varshney","year":"2016","unstructured":"Varshney, G., Misra, M., Atrey, P.K.: A phish detector using lightweight search features. Comput. Secur. 62, 213\u2013228 (2016)","journal-title":"Comput. Secur."},{"issue":"6","key":"768_CR175","doi-asserted-by":"publisher","first-page":"1783","DOI":"10.1007\/s12652-017-0616-z","volume":"9","author":"AK Jain","year":"2018","unstructured":"Jain, A.K., Gupta, B.B.: Two-level authentication approach to protect from phishing attacks in real time. J. Amb. Intell. Hum. Comput. 9(6), 1783\u20131796 (2018)","journal-title":"J. Amb. Intell. Hum. Comput."},{"issue":"2","key":"768_CR176","doi-asserted-by":"publisher","first-page":"94","DOI":"10.4018\/JITR.2020040106","volume":"13","author":"BB Gupta","year":"2020","unstructured":"Gupta, B.B., Jain, A.K.: Phishing attack detection using a search engine and heuristics-based technique. J. Inf. Technol. Res. JITR 13(2), 94\u2013109 (2020)","journal-title":"J. Inf. Technol. Res. JITR"},{"issue":"4","key":"768_CR177","doi-asserted-by":"publisher","first-page":"687","DOI":"10.1007\/s11235-017-0414-0","volume":"68","author":"AK Jain","year":"2018","unstructured":"Jain, A.K., Gupta, B.B.: Towards detection of phishing websites on client-side using machine learning based approach. Telecommun. Syst. 68(4), 687\u2013700 (2018)","journal-title":"Telecommun. Syst."},{"issue":"8","key":"768_CR178","doi-asserted-by":"publisher","first-page":"3851","DOI":"10.1007\/s00521-017-3305-0","volume":"31","author":"RS Rao","year":"2019","unstructured":"Rao, R.S., Pais, A.R.: Detection of phishing websites using an efficient feature-based machine learning framework. Neural Comput. Appl. 31(8), 3851\u20133873 (2019)","journal-title":"Neural Comput. Appl."},{"issue":"12","key":"768_CR179","doi-asserted-by":"publisher","first-page":"11117","DOI":"10.1002\/int.23035","volume":"37","author":"AK Jain","year":"2022","unstructured":"Jain, A.K., Gupta, B.B., Kaur, K., Bhutani, P., Alhalabi, W., Almomani, A.: A content and URL analysis-based efficient approach to detect smishing SMS in intelligent systems. Int. J. Intell. Syst. 37(12), 11117\u201311141 (2022)","journal-title":"Int. J. Intell. Syst."},{"key":"768_CR180","doi-asserted-by":"publisher","first-page":"17020","DOI":"10.1109\/ACCESS.2017.2743528","volume":"5","author":"J Mao","year":"2017","unstructured":"Mao, J., Tian, W., Li, P., Wei, T., Liang, Z.: Phishing-alarm: robust and efficient phishing detection via page component similarity. IEEE Access 5, 17020\u201317030 (2017)","journal-title":"IEEE Access"},{"issue":"10","key":"768_CR181","doi-asserted-by":"publisher","first-page":"1681","DOI":"10.3390\/sym12101681","volume":"12","author":"J-L Chen","year":"2020","unstructured":"Chen, J.-L., Ma, Y.-W., Huang, K.-L.: Intelligent visual similarity-based phishing websites detection. Symmetry 12(10), 1681 (2020)","journal-title":"Symmetry"},{"issue":"9","key":"768_CR182","doi-asserted-by":"publisher","first-page":"3853","DOI":"10.1007\/s12652-019-01637-z","volume":"11","author":"Routhu Srinivasa Rao and Alwyn Roshan Pais","year":"2020","unstructured":"Routhu Srinivasa Rao and Alwyn Roshan Pais: Two level filtering mechanism to detect phishing sites using lightweight visual similarity approach. J. Ambient. Intell. Humaniz. Comput. 11(9), 3853\u20133872 (2020)","journal-title":"J. Ambient. Intell. Humaniz. Comput."},{"key":"768_CR183","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2020.101855","volume":"95","author":"Ahmet Selman Bozkir and Murat Aydos","year":"2020","unstructured":"Ahmet Selman Bozkir and Murat Aydos: Logosense: a companion hog based logo detection scheme for phishing web page and e-mail brand recognition. Comput. Secur. 95, 101855 (2020)","journal-title":"Comput. Secur."},{"key":"768_CR184","unstructured":"Phishtank. https:\/\/phishtank.org\/. Accessed July 2023"},{"key":"768_CR185","unstructured":"Ahrefs. https:\/\/ahrefs.com\/. Accessed July 2023"},{"key":"768_CR186","unstructured":"Similarweb. https:\/\/www.similarweb.com\/. Accessed July 2023"},{"key":"768_CR187","unstructured":"Majestic million. https:\/\/majestic.com\/reports\/majestic-million. Accessed July 2023"},{"key":"768_CR188","unstructured":"https:\/\/github.com\/ebubekirbbr\/pdd\/tree\/master\/input. Accessed July 2023"},{"key":"768_CR189","unstructured":"https:\/\/www.unb.ca\/cic\/datasets\/url-2016.html. Accessed July 2023"},{"key":"768_CR190","unstructured":"Vrban\u010di\u010d, G.: Phishing websites dataset. Mendeley Data (2020)"},{"key":"768_CR191","unstructured":"Jpcert\/cc. https:\/\/github.com\/JPCERTCC\/phishurl-list\/. Accessed July 2023"},{"key":"768_CR192","doi-asserted-by":"crossref","unstructured":"Lee, L.-H., Lee, K.-C., Chen, H.-H., Tseng, Y.-H.: Poster: Proactive blacklist update for anti-phishing. In: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, pp. 1448\u20131450 (2014)","DOI":"10.1145\/2660267.2662362"},{"key":"768_CR193","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2020.102123","volume":"104","author":"PA Barraclough","year":"2021","unstructured":"Barraclough, P.A., Fehringer, G., Woodward, J.: Intelligent cyber-phishing detection for online. Comput. Secur. 104, 102123 (2021)","journal-title":"Comput. Secur."},{"key":"768_CR194","doi-asserted-by":"publisher","first-page":"36805","DOI":"10.1109\/ACCESS.2023.3252366","volume":"11","author":"A Karim","year":"2023","unstructured":"Karim, A., Shahroz, M., Mustofa, K., Belhaouari, S.B., Joga, S.R.K.: Phishing detection system through hybrid machine learning based on URL. IEEE Access 11, 36805\u201336822 (2023)","journal-title":"IEEE Access"}],"container-title":["International Journal of Information Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10207-023-00768-x.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s10207-023-00768-x\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10207-023-00768-x.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,10,31]],"date-time":"2024-10-31T05:41:35Z","timestamp":1730353295000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s10207-023-00768-x"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,10,19]]},"references-count":194,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2024,4]]}},"alternative-id":["768"],"URL":"https:\/\/doi.org\/10.1007\/s10207-023-00768-x","relation":{},"ISSN":["1615-5262","1615-5270"],"issn-type":[{"value":"1615-5262","type":"print"},{"value":"1615-5270","type":"electronic"}],"subject":[],"published":{"date-parts":[[2023,10,19]]},"assertion":[{"value":"19 October 2023","order":1,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"The authors declare no competing interests.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Conflict of interest"}}]}}