2022 2nd International Conference on Innovative Practices in Technology and Management (ICIPTM)

Detection of Phishing and User Awareness Training

in Information Security: A Systematic Literature
Review
2022 2nd International Conference on Innovative Practices in Technology and Management (ICIPTM) | 978-1-6654-6643-1/22/$31.00 ©2022 IEEE | DOI: 10.1109/ICIPTM54933.2022.9753912

Kanchan Patil Sai Rohith Arra

Symbiosis Centre for Information Technology Symbiosis Centre for Information Technology
Symbiosis International (Deemed University) Symbiosis International (Deemed University)
Pune, Maharashtra, India. Pune, Maharashtra, India.
[email protected] [email protected]

Abstract--Phishing is a method of online fraud where attackers research issues. However, phishing attacks work peculiarly
are targeted to gain access to the computer systems for monetary as a conventional information-stealing technique, causing
benefits or personal gains. In this case, the attackers pose many privacy infringement incidents [1]. Fraudulent activity
themselves as legitimate entities to gain the users' sensitive can generally be referred to as a trick to deceive individuals
information. Phishing has been significant concern over the past
into disclosing their sensitive data, primarily for monetary or
few years. The firms are recording an increase in phishing
attacks primarily aimed at the firm's intellectual property and personal gain.
the employees' sensitive data. As a result, these attacks force
firms to spend more on information security, both in Social engineering is a method of obtaining unauthorized
technology-centric and human-centric approaches. With the information or accessing information systems. Social
advancements in cyber-security in the last ten years, many engineers utilize a scope of procedures to convert their
techniques evolved to detect phishing-related activities through objectives into action [2]. It could be as straightforward as
websites and emails. This study focuses on the latest techniques picking up somebody's faith and trust via telephone to get
used for detecting phishing attacks, including the usage of confidential data about setting up bait for somebody to get to
Visual selection features, Machine Learning (ML), and
a compromised site using phishing techniques [3]. Phishing
Artificial Intelligence (AI) to see the phishing attacks. New
strategies for identifying phishing attacks are evolving, but is, in reality, one of the methods utilized in assaults against
limited standardized knowledge on phishing identification and Social Engineering. This is used as a tool by the attackers to
mitigation is accessible from user awareness training. So, this deceive users into disclosing sensitive and confidential
study also focuses on the role of security-awareness movements information that can be used to conduct nefarious activities.
to minimize the impact of phishing attacks. There are many The most famous kind of web-based phishing includes
approaches to train the user regarding these attacks, such as sending fraudulent emails or messages that at one stage divert
persona-centred training, anti-phishing techniques, visual the victims to a website that looks legit but malicious [4].
discrimination training and the usage of spam filters, robust When on the website, victims knowingly submit their
firewalls and infrastructure, dynamic technical defense
confidential information (e.g., usernames, passwords, date of
mechanisms, use of third-party certified software to mitigate
phishing attacks from happening. Therefore, the purpose of this birth, id cards), and also the financial details, in the
paper is to carry out a systematic analysis of literature to assess assumption that the WebPages, forums, or databases on
the state of knowledge in prominent scientific journals on the which they are working are legitimate [5]. False messages
identification and prevention of phishing. Forty-three journal likewise show up very authentic, and the site where the web
articles with the perspective of phishing detection and users were approached to enter individual data regularly
prevention through awareness training were reviewed from seems like a legitimate one [6]. The phishing websites
2011 to 2020. This timely systematic review also focuses on the detected in the third quarter of 2019 sum up to 266,387, which
gaps identified in the selected primary studies and future was up by 46% compared to the phishing attacks in the
research directions in this area.
second quarter of the same year. From the beginning of
Keywords--Phishing, Security-awareness, Phishing detection, March 2020, cybercriminals launched various phishing and
Phishing mitigation and Quality assurance. malware attacks on the theme of COVID-19 against
hospitals, working staff, and the recently unemployed [7].
I. INTRODUCTION The phishing websites detected in the first quarter of 2020
were 165,772, which was more when compared to the final
Social networking sites have developed into one of the most quarter of 2019, which was around 162,155(APWG |
mainstream platforms for users to communicate. Users utilize Phishing Activity Trends Reports, n.d.) [8]. Phishing is one
social networking sites to connect and exchange information. of the standards and most widely used attacks to trap users.
Considering the considerable measure of social information As it is evident that the number of phishing attacks shows an
accessible on social networking sites, the security and the increasing trend every year, there is inadequate consolidated
protection of users' data has gotten one of the most significant evidence available to the users [9]. Therefore, the main focus
of this study is to perform a systematic literature review to

780
978-1-6654-6643-1/22/$31.00 ©2022 IEEE

Authorized licensed use limited to: Somaiya University. Downloaded on August 17,2023 at 12:10:46 UTC from IEEE Xplore. Restrictions apply.
2022 2nd International Conference on Innovative Practices in Technology and Management (ICIPTM)

find out what kind of studies have been published during the after 2011, as shown in Figure 1 (based on Scopus database
last decade in leading academic journals regarding phishing search, which is further explained in section 2 of this paper).
and its detection [10]. Also, with the advancements in technology, the techniques
used to detect phishing before 2010 might be obsolete, and
Despite rising phishing attacks over the years, there's also a fewer papers were published on this issue before 2011.
growing need for information security training. The
knowledge of information security (ISA) can be defined as a
state of awareness in which users of information systems are
ideally dedicated to the policies and rules, recognize
potential, realize the significance of authority and
responsibility and act accordingly [11]. Usually, in the field
of information security, to mitigate or minimize the impact of
phishing attacks, the human factor is as significant as the
technical factor, such as detecting the phishing webpage or a
phishing email [12]. Although there are novel techniques to
detect phishing, the attackers discover new ways to evade the
defence mechanisms. Equal importance must be given to the
mitigation strategies through security awareness and training
Figure 1. Year Wise Trend of Articles Published on Phishing Detection
programs to every internet user. In organizations, work-based (Scopus database).
practices and policies play an essential factor in impacting the
response behaviours [13]. Shaping workplace reaction This research study is further structured according to the
behaviour, shaping context-specific attitudes, aspirations, following. The methods used in this analysis are stated in
and perceptions of risk has a significant role in minimizing section 2. The findings of the systematic analysis are
the impact of phishing attacks [14]. Security education, summarized in Section 3, and Section 4 presents the
awareness, and training through compulsory or annual conclusion of key findings and their discussion. Section 5
refresher material will promote a general understanding of suggests the future scope in this field.
issues. There are several approaches for addressing safety
awareness to achieve compliance aspects. Therefore, human II. METHODOLOGY
interaction, which is fundamental to interact with systems,
businesses, and processes, must be recognized when the The systematic literature review is often used to review
security awareness-related concerns and needs are managed current literature on the detection mechanisms used for
effectively [15]. Also, a typical Internet user often finds it phishing and the role of user awareness training in
difficult to classify a regular webpage and a phishing information security to prevent phishing attacks. A
webpage. In this case, it is progressive (from simple to hard) systematic review helps to ensure the collection of the entire
training successfully labels web pages into illegitimate and census of the relevant literature. This literature review is
legitimate groups when decisions must be taken primarily on based on a thorough plan to provide a qualitative data on
perceptual evidence [16]. phishing detection and the role of user awareness training in
the prevention of phishing attacks. PRISMA framework
Researchers and information security experts have been guidelines were applied to standardize the features of this
researching how phishing attacks cause adverse effects to paper on systematic literature review. The process is
individual users and businesses. Previous researchers have pictorially summarized in Figure 2.
discussed the detection of phishing attacks through
frameworks, guidelines, etc. Our study aims to conduct a III. LITERATURE REVIEW
systematically review on the current state of literature to
provide good insights on phishing detection and prevention For this systematic search, we developed a search strategy to
techniques while addressing the following research questions identify relevant literature. This search strategy was tailored
[17]: to a single database: Scopus, as it is known for containing
high-quality journal papers, including a considerable and
Cybercriminals have become more organized in the way they significant number of papers in the fields of Computer
attack. They are now concentrating on the human factor to Science, Information Security, Computer Networks and
penetrate information systems. Thus, phishing has been a Communications and Application of Computer Engineering
significant concern, especially over the last ten years, as the disciplines. The Boolean operators were limited to "AND"
firms are recording an increase in phishing attacks that are and "OR". The strings used to search were:
aimed at the firm's intellectual property and sensitive data of (“phishing” AND “detection”)
the employees. So, more research is happening in this field
from the beginning of the last decade [18]. More than 50 (“information security” OR “cyber security” OR “phishing”)
papers on the detection of phishing are published every year AND (“awareness” OR “training”)

781

Authorized licensed use limited to: Somaiya University. Downloaded on August 17,2023 at 12:10:46 UTC from IEEE Xplore. Restrictions apply.
2022 2nd International Conference on Innovative Practices in Technology and Management (ICIPTM)

Category Papers
These searches were based on the title, keywords and Phishing Detection 26
abstract.
Security Awareness Training 17
A. Selection Criteria Phishing Mitigation Strategies 13

The criteria for selection were relied on the PRISMA Section 4 provides a detailed explanation of each category.
framework. The search mainly focused on mapping the Table 1 shows the number of studies per each category.
existing literature on phishing and detection along with the Kindly note that an article may appear in more than one
awareness trainings in the field of computer science, category and that the numbers do not sum up to 43.
engineering, psychology, social sciences, decision sciences,
and business management [19]. D. Publications Over Time

B. Quality Assurance Figure 3 displays the number of primary studies published

with respect to each year. As displayed in the figure, there is
The study is based only on the original research articles, a rising trend in the articles published on phishing because of
review papers, and conference papers. For maintain the the increasing cyber-attacks and data breaches over the last
quality of the review, all duplications were checked few years. We believe that we might observe a significant
thoroughly. There were 12 duplicate records which are increase in the number of research studies regarding phishing
filtered out in this stage. The articles which have citations shortly due to the rise of such kinds of attacks during the
greater than or equal to 10 are considered from 2011 to 2018. COVID-19 scenario and because of new techniques adopted
by the attackers to perform phishing attacks. The number of
1. Is the article concerned about phishing or phishing publications in 2020 is shown until April.
related awareness trainings?
2. Is the focus of paper on the phishing detection or
mitigation strategies?
3. Is it a conference article/review/ journal article?
4. Is the language of the published article English?

The shortlisted papers were read in full after the abstract

screening process to ensure that the earlier versions of the
same paper are removed. A total of 43 articles were
shortlisted in this final stage. Figure 2 shows the literature
inclusion and exclusion at every stage. (PRISMA statement).

Figure 3. Number of primary studies published over time.

E. Country-wise Distribution

Figure 4 displays the number of primary studies published in

various countries. As shown in the figure, the researchers'
significant contribution from the countries likes the USA,
India, UK, China, Australia, and Malaysia. Also, there is a
contribution by the researchers from the countries like
Jordan, Morocco, and Nigeria. This clearly states that
phishing attacks or cyber-crimes are not confined to specific
countries, but it is one of the concerning issues around the
globe.

Figure 2.Flow Chart of Literature Synthesis.

C. Reporting

TABLE I. CATEGORIZATION OF INITIAL FINDINGS DEALING WITH

PHISHING ATTACKS

782

Authorized licensed use limited to: Somaiya University. Downloaded on August 17,2023 at 12:10:46 UTC from IEEE Xplore. Restrictions apply.
2022 2nd International Conference on Innovative Practices in Technology and Management (ICIPTM)

Berlin Heidelberg published more articles than that of other

journals, followed by the Association for Computing
Machinery and Institute of Electrical and Electronics
Engineers Inc.

Figure 4.Country-wise distribution of primary studies.

Browser alerting mechanism when a user visits unknown

website whereas the studies in the USA concentrates both on
phishing detection and security awareness training. Some of Figure 6.Journal Publication Details of Primary Studies (count>=2).
them include phish GILLNET (multi-layered approach) and
the studies report regarding training and awareness. The H. Count of Author’s Keywords
studies from the UK mainly focus on security awareness
training. Figure 7 displays the count of the author's keywords in the
primary studies. As shown in the figure, the keyword
F. Significant Keyword Count "phishing" has been used by authors more frequently,
followed by other keywords such as Information Security and
The strategies of words are used in all the 43 primary studies. Social Engineering.
Figure 5 displays the fair few times in the primary research
that certain specific terms appear. As the picture shows,
except for the key words chosen by the author, i.e., "phishing"
and "detect," the keywords view most repeatedly are "web"
and "email". This shows the interest of attackers in sending
phishing links via the web and email. Also, the keyword pair
"machine learning" was appeared a significant amount of
times which shows that machine learning is being used as one
of the mechanisms to detect the phishing links, emails, and
attachments sent to people by the attackers for their financial
or personal gains.
Figure 7. Count of Author’s Keywords in Primary Studies.

I. Author Name

Figure 8 displays the names of authors repeated more than

once in the primary studies. The authors Emma J. Williams
and Adam N. Joinson published articles based on the factors
that influence users to click on phishing links and users'
susceptibility to phishing.

Figure 5.Count of the keywords frequently occurring in the primary

studies.

G. Journal Publication As discussed in Section 2.3, the main articles in phishing

detection and security awareness training that have citations
Figure 6 displays the journal publication details of the greater than or equal to 10 are considered from 2011 to 2018.
selected primary studies. As shown in the figure, Springer To reduce the bias, the articles published in 2019 and 2020

783

Authorized licensed use limited to: Somaiya University. Downloaded on August 17,2023 at 12:10:46 UTC from IEEE Xplore. Restrictions apply.
2022 2nd International Conference on Innovative Practices in Technology and Management (ICIPTM)

which do not contain more than ten citations are also The following Table2 is displaying the key findings and
considered after confirming that these articles are relevant to summary of the selected primary studies
the research questions of this study.

TABLE II. KEY FINDINGS AND SUMMARY OF PRIMARY STUDIES

Primary Studies Key Findings Reported Primary Studies Key Findings Reported
(Yi et al., 2018) DBN (Deep Learning Model) was used to detect (Yang et al., 2019) A multidimensional feature approach to
websites for phishing, and the DBN detection phishing detection is proposed using deep
model and algorithm are addressed. DBN and learning based on a quick detection
TPR (True Positive Rate) was approximately method. The accuracy is 98.99%.
90%. When checked with a big data set.
(Abutair & Belghith, 2017) CBR-PDS (Case-Based Reasoning - Phishing (Ubing et al., 2019) Using Feature Selection and Ensemble
Detection System) is proposed to envisage Learning methodology, the experimental
phishing attacks with high precision. This outcomes disclose that the proposed
accuracy varies from 95.62% to 98.07%. model's accuracy rate can achieve up to
95%.
(Albladi & Weir, 2018) An UCF has been developed (user-centric (Shu-Ying & Wang, 2019) By examining the link structure
framework) that helps companies identify relationship between the standard
employee experiences using social networks. webpages and phishing webpages, the
closeness, sensitive page features, and link
interaction are described in conjunction
with page features. The corresponding
website phishing features are extracted to
measure the link structure relation.
(Ebner et al., 2020) Higher vulnerability to phishing was linked with (Salahdine &Kaabouch, 2019) Social engineering attacks cannot be
lower episodic short-term memory in middle- prevented by technology alone, and an
aged users and lower positive impact in young attacker can easily surpass a robust security
and middle-aged users. A better understanding of system with little security expertise.
vulnerability can be connected with increased Therefore, there is a lot of need for new
verbal eloquence in middle-aged users and a detection methods and countermeasure
higher positive impact in young and middle-aged approaches and training programs for
users. employees.
(Mayhorn & Nyeste, 2012) Anti-phishing training tends to be an effective (Ghafir et al., 2018) A security awareness training platform has
method to minimize the vulnerability to a been developed that offers interactive
phishing attack in terms of increasing concern material for social engineering and internet
about spam emails across a wide spectrum of security personnel when users access their
individual differences. workspaces and open websites to prevent
possible digital attacks.
(Mao et al., 2019) A learning-based aggregation analysis technique (Oliveira et al., 2017) The results of the experiment show that
is proposed to analyze and detect the phishing old-aged women were the most susceptible
pages and the similarity of page layouts. This to spear-phishing email attacks. Although
method automatically trains classifiers to assess younger users were highly vulnerable to
the resemblance of the web page to the CSS scarcity, old-aged users were most
layout features that do not involve human susceptible to reciprocation.
expertise.
(Parsons et al., 2013) A scenario-based experiment was conducted in (Higashino, 2019) A system is designed to semi-automatically
which participants who had formal information detoxify and anonymize an organization's
systems training were performing more poorly received attack emails and share them with
overall. Respondents who were notified that they multiple organizations. Using current
were undergoing a phishing study were information on attacks, each organization
substantially better at handling phishing emails can conduct semi-automatic and
effectively and ended up taking more time to continuous anti-phishing training.
make conclusions.
(Almseidin et al., 2019) A method of detecting phishing was suggested (Sonowal & Kuppusamy, 2020) PhiDMA model (Phishing detection using
using machine learning algorithms. Best results multi-filter approach) is proposed with five
are achieved by the use of feature selection layers: String matching, URL functionality,
methods that reduce the number of features from Lexical signature, Auto allowlist update,
48 to just 20 and work at 98.11 percent accuracy. and Accessibility score comparison as five
layers and accuracy 92.72 percent.
(Jain & Gupta, 2017) Phishing detection techniques based on visual (Mao et al., 2017) Using the Cascading Style Sheet (CSS), a
similarities use the features such as Cascading solution called Phishing-Alarm is created
Style Sheet (CSS), HTML tags image, text built on the resemblance of visual
content, document format, etc., to conclude. appearance, which makes it extremely
difficult for the attackers to escape.
(Ramanathan & Wechsler, A robust methodology to detect phishing attacks (Zhu et al., 2019) OFS-NN (Optimal Feature Selection-
2012) is proposed on the server-side, called phish Neural Network), a phishing website
GILLNET (multi-layered approach), which detection model, is proposed where feature
combines the power of machine learning validity value (FVV) is implemented to
techniques and natural language processing. determine the effect of optimal features,

784

Authorized licensed use limited to: Somaiya University. Downloaded on August 17,2023 at 12:10:46 UTC from IEEE Xplore. Restrictions apply.
2022 2nd International Conference on Innovative Practices in Technology and Management (ICIPTM)

and the procedure is programmed to pick

the ideal characteristics of the phishing
website.

IV. DISCUSSION one another. This study focuses on Security training and
Awareness i.e. education.
The starting appearance search confirms that there are a
significant layer of studies to "phishing" and "security Security posture is based on several factors. One of such
awareness training." A considerable set of the key research important factors is human beings because they are the source
chosen is observational concepts or proposals for solutions of 95% security attacks. This is the reason why human beings
for the problems of the recent past and near future. The are considered as the weakest links Attackers are trying to
research questions are addressed as follows. gain access to the information systems by seeking to exploit
human behaviour. There is a lot of scope for the security
What are the latest techniques in the last ten years (2011- awareness trainings to play a major role in minimizing the
2020) for phishing detection? phishing attacks. Many approaches and techniques are being
used to train the user regarding the phishing attacks.
The security of a company cannot be measured at an instance;
it is an ongoing process. With the advancements in What strategies are used to minimize phishing attacks?
technology, attackers are developing new methods and
techniques to evade defensive mechanisms. With the The user awareness training and detection of phishing using
advances in the last decade in Machine Learning and the technical methods may not mitigate the phishing attacks
Artificial Intelligence, many researchers have recommended completely. There is a need for combining different
the use of these techniques along with visual feature selection techniques in order to minimize the phishing attacks.
to detect phishing which also records accuracy greater than Figure10 categorizes the distribution of studies based on the
90% with low false-positive and false-negative rates. phishing mitigation strategy.

Figure 10 shows the distribution of primary studies. These are

primarily linked to successful decision-making and acting to
identify an action as malicious and act as appropriate. There
are also other mitigation strategies such as

Using spam filters

Using third party certified software

Using robust firewalls and infrastructure

Using dynamic technical defence mechanisms

Figure 9. Chart showing the distribution of primary studies concerning
phishing technique.

As shown in Figure 9, techniques such as Feature selection

and Machine Learning are popular compared to other
methods. The reason behind this is the accuracy rate is high
when these techniques are used. Also, they report a meagre
false-positive rate which amounts to very little or negligible
noise during the detection process. Deep Learning based
techniques, which is one of the emerging techniques for
phishing detection also proved to be successful. Figure 10. Chart showing the distribution of primary studies with respect
to mitigation strategies.
What is the role of Information Security/ Cyber Security
trainings to prevent phishing attacks? V. CONCLUSION

The previous researches focused on detection strategies like This study is aimed at investigating the latest advancements
tools, guidelines, and frameworks which many times might in phishing detection and the role played by information
challenge the work one another or a few might even support security/ cyber security awareness trainings in minimizing
the impact of phishing attacks by doing an SLR on chosen

785

Authorized licensed use limited to: Somaiya University. Downloaded on August 17,2023 at 12:10:46 UTC from IEEE Xplore. Restrictions apply.
2022 2nd International Conference on Innovative Practices in Technology and Management (ICIPTM)

journals through a selective review. Forty-three (43) articles awareness, and financial resources. Telematics and Informatics,
41(February 2019), 55–69. https://doi.org/10.1016/j.tele.2019.03.003
were thoroughly analysed and also current media reports
[11] Canfield, C. I., Fischhoff, B., & Davis, A. (2019). Better watch out:
(APWG | Phishing Activity Trends Reports, n.d.) for this comparing phishing metacognition with real emails. Learning and
purpose. The outcome of this SLR suggests that research on Metacognition, 14(3), 343–362. https://doi.org/10.1007/s11409-019-
phishing detection improvement is a developing field with an 09197-5
[12] Dawood, M., Ibrahim, O. Bin, & Abu-Ulbeh, W. A. R. A. (2019).
increasing amount of papers in recent years. The majority of
Enrich awareness of users to detect phishing websites. International
the studies focused on the Visual feature selection techniques Journal of Engineering and Advanced Technology, 8(6 Special Issue
for the detection of phishing. There is an increasing trend of 3), 648–650. https://doi.org/10.35940/ijeat.F1119.0986S319
papers on usage of Machine Learning (ML), Deep Learning, [13] Ebnner, N. C., Ellies, D. M., Linn, T., Rochaa, H. A., Yangh, H.,
Dommaraaju, S., Solliman, A., Wooddard, D. L., Turner, G. R.,
and Artificial Intelligence (AI) based techniques to detect the
Sprengh, R. N., & Olliveira, D. S. (2020). Risk of sensitivity to online
phishing behaviour in websites and emails. There are various disappointment in old age. Journals of Gerontology - Series B
approaches being followed in order to train the users Psychological Sciences and Social Sciences, 75(3), 522–533.
regarding phishing, such as – new awareness training https://doi.org/10.1093/geronb/gby036
[14] Ghafir, I., Saleem, J., Hammoudeh, M., Faour, H., Prenosil, V., Jaf, S.,
frameworks are being developed, anti-phishing techniques,
Jabbar, S., & Baker, T. (2018). Security threats to critical
persona-centred training, visual discrimination training. infrastructure: the human factor. Journal of Supercomputing, 74(10),
Various factors such as religious indicators and social peer 4986–5002. https://doi.org/10.1007/s11227-018-2337-2
pressure also impact the output of training. Not just the [15] Higashino, M. (2019). A design of an anti-phishing training system
collaborated with multiple organizations. ACM International
detection and training, but also different strategies are being
Conference Proceeding Series, 2–5.
followed in order to minimize the impacts of these phishing https://doi.org/10.1145/3366030.3366086
attacks which include the usage of spam filters, robust [16] Iuga, C., Nurse, J. R. C., & Erola, A. (2016). Baiting the hook: factors
firewalls and infrastructure, tutorials exclusively based on the impacting susceptibility to phishing attacks. Human-Centric
Computing and Information Sciences, 6(1).
habitual and sociological features, migrating to dynamic
httpse://doei.org/10.11186/s123673-0016-01065-20
technical defence mechanisms from static technical defence [17] Jainn, A. K., & Guptha, B. B. (2016). A new way to safeguard the
mechanisms. customer against physical threats by automatically updating the white
list. Eurasip Journal on Information Security, 2016(1).
https://doii.orgg/101.11886/s136135-0116-00314-30
REFERENCES
[18] Jain, A. K., & Gupta, B. B. (2017). Detection of phishing: analysis of
techniques to visual similarity. Networks of safety and communication,
[1] Abe, N., & Soltys, M. (2019). Deploying health campaign strategies to 2017(i). https://doii.orhg/10.12155/20217/524210246
defend against social engineering threats. Procedia Computer Science, [19] Gyan Prakash, “Secure & efficient audit service outsourcing for data
159, 824–831. https://doi.org/10.1016/j.procs.2019.09.241 integrity in clouds,” International Journal of MC Square Scientific
[2] Abutair, H. Y. A., & Belghith, A. (2017). Using Case-Based Reasoning Research, Vol. 6, No. 1, 2014.
for Phishing Detection. Procedia Computer Science, 109, 281–288.
https://doi.org/10.1016/j.procs.2017.05.352
[3] Ahlan, A. R., Lubis, M., & Lubis, A. R. (2015). Information Security
Awareness at the Knowledge-Based Institution: Its Antecedents and
Measures. Procedia Computer Science, 72, 361–373.
https://doi.org/10.1016/j.procs.2015.12.151
[4] Akinyelu, A. A., & Adewumi, A. O. (2014). Classification of phishing
email using random forest machine learning technique. Journal of
Applied Mathematics, 2014. https://doi.org/10.1155/2014/425731
[5] Al-Momanie, A. A. D., Waan, T. C., Al-Saeedi, K., Altaher, A.,
Ramadass, S., Manasrah, A., Melhiml, L. B., & Anbar, M. (2011). an
interactive simulation on the developing strategy for detecting and
classifying phishing. In Journal of Applied Sciences (Vol. 11, Issue 18,
pp. 3301–3307). https://doi.org/10.3923/jas.2011.3301.3307
[6] Alblaadi, S. M., & Weeir, G. R. S. (2018). Features of users influencing
social engineering attacks in social networks. Human-centered
information sciences and computing, 8(1), 1–24.
https://doi.org/10.1186/s13673-018-0128-7
[7] Almomani, A., Wan, T., Altaher, A., Manasrah, A., Almomani, E.,
Anbar, M., Alomari, E., & Ramadass, S. (2012). Evolving Fuzzy
Neural Network for Phishing Emails Detection National Advanced
IPv6 Centre ( NAV6 ), School of Computer Sciences , Faculty of
Information Technology and Computer Sciences ,. 8(7), 1099–1107.
[8] Almseidin, M., Abu Zuraiq, A. M., Al-kasassbeh, M., & Alnidami, N.
(2019). Phishing detection based on machine learning and feature
selection methods. International Journal of Interactive Mobile
Technologies, 13(12), 71–183.
https://doi.org/10.3991/ijim.v13i12.11411
[9] APWG | Phishing Activity Trends Reports. (n.d.). Retrieved June 21,
2020, from https://apwg.org/trendsreports/
[10] Barth, S., de Jong, M. D. T., Junger, M., Hartel, P. H., & Roppelt, J. C.
(2019). Putting the privacy paradox to the test: Online privacy and
security behaviors among users with technical knowledge, privacy

786

Authorized licensed use limited to: Somaiya University. Downloaded on August 17,2023 at 12:10:46 UTC from IEEE Xplore. Restrictions apply.