A Critical Review: Revisiting Phishing Attacks Classification and Analysis of Techniques Employed in Taxonomies

Abstract

People are increasingly sharing their personal information online as internet usage grows. As a result, fraudsters have access to a massive amount of personal information and financial activities. In recent years, phishing assaults have become one of the most common threats faced by internet users, governments, and service providers. The attacker(s) uses falsified emails or bogus websites to obtain the client's sensitive data (i.e., user account login details, credit/debit card numbers, etc.) in a phishing assault. Studies have classed phishing attacks based on fundamental phishing mechanisms and defenses, ignoring the importance of the phishing lifecycle from beginning to conclusion. This study also provides a new thorough taxonomy of phishing assaults, including attack phases, attacker types, vulnerabilities, threats, targets, attack media, and attacking strategies. Furthermore, the proposed anatomy will help readers comprehend the full lifecycle of a phishing attack, which will raise awareness of these phishing attacks and the strategies utilized; it will also aid in the development of a comprehensive anti-phishing system. In addition, various preventative precautions are being investigated