×
The submission system is temporarily under maintenance. Please send your manuscripts to
Go to Editorial ManagerRecent advancements in communication and wireless technologies have greatly increased the number of internet users. These users often share personal information online, making it vulnerable to attackers. Phishing, a common type of online fraud, involves tricking people into giving their personal information through spam or other deceptive methods. Even though this threat has been around for a long time, it is still very active and successful. Attackers have improved their methods over the years to make their attacks more convincing and effective. Therefore, it is important to carefully study this type of attack to raise awareness among both users and cybersecurity researchers. This review paper explains the basics, types, and methods of phishing and presents a unified attack lifecycle framework to provide users and researchers with a clear understanding of phishing. Additionally, anti-phishing methods are thoroughly analyzed to determine their strengths and weaknesses. Researchers use different strategies to develop anti-phishing solutions, including blacklisting, whitelisting, heuristics, machine learning, and deep learning techniques. To help readers choose the best anti-phishing solution, research studies using these strategies are categorized, evaluated, and compared using specific criteria to show their strengths and weaknesses. Furthermore, the datasets used to develop anti-phishing models are discussed and reviewed. Finally, this paper provides a detailed overview of current phishing challenges and suggests future research directions in this area.