×
The submission system is temporarily under maintenance. Please send your manuscripts to
Go to Editorial ManagerRecent advancements in communication and wireless technologies have greatly increased the number of internet users. These users often share personal information online, making it vulnerable to attackers. Phishing, a common type of online fraud, involves tricking people into giving their personal information through spam or other deceptive methods. Even though this threat has been around for a long time, it is still very active and successful. Attackers have improved their methods over the years to make their attacks more convincing and effective. Therefore, it is important to carefully study this type of attack to raise awareness among both users and cybersecurity researchers. This review paper explains the basics, types, and methods of phishing and presents a unified attack lifecycle framework to provide users and researchers with a clear understanding of phishing. Additionally, anti-phishing methods are thoroughly analyzed to determine their strengths and weaknesses. Researchers use different strategies to develop anti-phishing solutions, including blacklisting, whitelisting, heuristics, machine learning, and deep learning techniques. To help readers choose the best anti-phishing solution, research studies using these strategies are categorized, evaluated, and compared using specific criteria to show their strengths and weaknesses. Furthermore, the datasets used to develop anti-phishing models are discussed and reviewed. Finally, this paper provides a detailed overview of current phishing challenges and suggests future research directions in this area.
In the era of modern trends such as cloud computing, social media applications, emails, mobile applications, and URLs that lead to increased risks for defrauding authorized users, and then the attackers try to gain illegal access to accounts of users through a malicious attack. The phishing attack is one of the dangerous attacks caused to access of authorized account illegally way. The finances, business, banking, and other sensitive in states are faces by this type of attacks due to the important information they have. In this paper, we propose a secure verification scheme that can overcome the above-mentioned issues. Additionally, the proposed scheme can resist famous cyberattacks such as impersonate attacks, MITM attacks. Moreover, the proposed scheme has security features like strong verification, forward secrecy, user’s identity anomaly. The security analysis and the experimental results proved the strongest of the proposed scheme compared with other related works. Finally, our proposed scheme balanced between the performance and the security merits.