Next-Gen Phishing Defense Enhancing Detection With Machine Learning and Expert Whitelisting/Blacklisting

Abdelraouf Ishtaiwi, Ali Mohd Ali, Ahmad Al-Qerem, Mohammad Sabahean, Bilal Alzubi, Ammar Almomani, Mohammad Alauthman, Amjad Aldweesh, Mohammad A. Al Khaldy
Copyright: © 2024 | Pages: 17
DOI: 10.4018/IJCAC.353301

Abstract

Machine learning has become ubiquitous across industries for its ability to uncover insights from data. This research explores the application of machine learning for identifying phishing websites. The efficiency of different algorithms at classifying malicious sites is evaluated and contrasted. By exposing the risks of phishing, the study aims to develop reliable systems for fake website detection. The results showcase machine learning's capabilities for augmented cybersecurity through automated threat intelligence. Phishing employs social engineering techniques to disguise malicious links as trusted entities, tricking victims into revealing sensitive information. This work investigates phishing detection leveraging curated lists and machine learning for adaptive defense.

Introduction

In an era marked by the relentless evolution of technology and the omnipresence of digital connectivity, cybersecurity stands as the bulwark against unauthorized access, misuse, and breaches of security protocols. Safeguarding systems, information networks, and critical infrastructure from the ever-increasing menace of cybersecurity incidents has become imperative. At its core, cybersecurity is about prevention and restoring functionality and continuity in the face of adversarial actions. The contemporary landscape, characterized by pervasive web support and continual technological advancement, has seen a surge in cybercrimes, among which phishing emerges as a prominent and insidious threat. Phishing, a cyberattack rooted in deception, exploits human vulnerability to trick individuals and organizations into unwittingly surrendering sensitive information. Perpetrators, masquerading as trustworthy entities such as government agencies, banks, platforms, or social network accounts, employ various mediums like text messages, phone calls, emails, or attachments to carry out their nefarious activities. Once the victim is ensnared, the attacker gains unauthorized access to financial information, personal data, and other confidential details. As asserted by Alabdan (2020), phishing stands out as one of the most perilous manifestations of social engineering, acting as a potent tool for threat actors seeking control over end users and access to vital information systems.

Emails with malicious URLs (uniform resource locators) are a common component of phishing attempts. The naive victim continues to click on the deceitful link, inadvertently giving out vital information. According to Anupam and Kar (2021), there are a number of methods that attackers use to lure victims into these kinds of traps. Email, malware, spear, whaling, pounding, and vishing are all methods that fall under this category; they are all designed to exploit particular vulnerabilities and traits of the people or organizations that are the targets. Figure 1 shows that in 2022 there were 4.7 million phishing attacks, the highest number ever recorded by the Anti-Phishing Working Group (2023). The fourth quarter saw a significant increase in the number. Multinational organizations, governments, and military units are particularly vulnerable to phishing assaults because of the tremendous financial losses and data invasions that could result from successful attacks.

Despite the progress in developing machine-learning techniques for phishing detection, there remains a significant gap in leveraging expert knowledge to enhance these automated systems. Current approaches rely solely on data-driven patterns without adequately incorporating cybersecurity professionals' valuable insights and domain expertise. This lack of integration between machine learning and expert-curated resources, such as allowlists and blocklists, presents a key area for improvement in the field.

A thorough overview of current research and methods for gathering data is presented in the second section. Section 3 describes the research's methodology and how it was carried out. There is an open discussion on how the experiments' data were collected and which machine-learning algorithms were used. Section 4 of the paper details the findings of tests conducted to identify and mitigate phishing. In this part, the efficacy of several methods is compared using tables and graphs. The results are condensed in Section 5, which discusses the future and offers suggestions for better cybersecurity defenses against phishing.

Figure 1. Increase in phishing from 2019 to 2022
