Abstract
From the inception of email in the last era until this hour, many stories about misleading victims in phishing emails are published. Phishing email has been considered to be one of the most common threats. Many researchers wonder why the phishing email still works. The problem lies in the strategies used by the attacker in the electronic trap and the lack of security awareness by the user at the same time. This paper presents stages and steps of phishing email and investigates the most tricking techniques used by the attacker to attract the user. The paper also motivates work on non-technical solutions and reviews the types of detection methods of phishing emails concentrating on methods related to message contents.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Gupta, B.B., Tewari, A., Jain, A.K., Agrawal, D.P.: Fighting against phishing attacks: state of the art and future challenges. Neural Comput. Appl. 28(12), 3629–3654 (2017)
KasperskyLab: Kaspersky lab: spam and phishing report 2019 (2019). https://securelist.com/spam-and-phishing-in-q1-2019. Accessed 10 June 2019
Chiluwa, I.: Congratulations, €1,000,000: analyzing the discourse structures of scam emails. In: The Palgrave Handbook of Deceptive Communication, pp. 897–912. Palgrave Macmillan, Cham (2019)
Wang, Y., Lin, C., Li, Q.L.: Performance analysis of email systems under three types of attacks. Perform. Eval. 67(6), 485–499 (2010)
Pawar, M.V., Anuradha, J.: Network security and types of attacks in network. Proc. Comput. Sci. 48, 503–506 (2015)
Hamid, I.R.A., Abawajy, J.: Hybrid feature selection for phishing email detection. In: International Conference on Algorithms and Architectures for Parallel Processing, pp. 266–275. Springer, Heidelberg, October 2011
Al-Hamar, M., Dawson, R., Al-Hamar, J.: The need for education on phishing: a survey comparison of the UK and Qatar. Campus-Wide Inf. Syst. 28(5), 308–319 (2011)
Alsharnouby, M., Alaca, F., Chiasson, S.: Why phishing still works: user strategies for combating phishing attacks. Int. J. Hum.-Comput. Stud. 82, 69–82 (2015)
Gupta, B.B., Arachchilage, N.A., Psannis, K.E.: Defending against phishing attacks: taxonomy of methods, current issues and future directions. Telecommun. Syst. 67(2), 247–267 (2018)
Gupta, B.B., Tewari, A., Jain, A.K., Agrawal, D.P.: Fighting against phishing attacks: state of the art and future challenges. Neural Comput. Appl. 28(12), 3629–3654 (2017)
Brewer, R.: Ransomware attacks: detection, prevention and cure. Netw. Secur. 2016(9), 5–9 (2016)
Sasse, M.A., Brostoff, S., Weirich, D.: Transforming the ‘weakest link’—a human/computer interaction approach to usable and effective security. BT Technol. J. 19(3), 122–131 (2001)
Tally, G., Thomas, R., Van Vleck, T.: Anti-phishing: best practices for institutions and consumers. McAfee Research, March 2004
Kumaraguru, P., Rhee, Y., Acquisti, A., Cranor, L.F., Hong, J., Nunge, E.: Protecting people from phishing: the design and evaluation of an embedded training email system. In: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, pp. 905–914. ACM, April 2007
Wen, Z.A., Lin, Z., Chen, R., Andersen, E.: What. hack: engaging anti-phishing training through a role-playing phishing simulation game. In: Proceedings of the 2019 CHI Conference on Human Factors in Computing Systems, p. 108. ACM (2019)
Werner, L.A., Courte, J.: Analysis of an anti-phishing lab activity. Inf. Syst. Educ. J. 8(11), n11 (2010)
Hamid, I.R.A., Abawajy, J.H.: An approach for profiling phishing activities. Comput. Secur. 45, 27–41 (2014)
Yearwood, J., Mammadov, M., Webb, D.: Profiling phishing activity based on hyperlinks extracted from phishing emails. Soc. Netw. Anal. Min. 2(1), 5–16 (2012)
Basnet, R., Mukkamala, S., Sung, A.H.: Detection of phishing attacks: a machine learning approach. In: Soft Computing Applications in Industry, pp. 373–383. Springer, Heidelberg (2008)
Jain, A.K., Gupta, B.B.: A machine learning based approach for phishing detection using hyperlinks information. J. Intell. Hum. Comput. 10(5), 2015–2028 (2019)
Fang, Y., Zhang, C., Huang, C., Liu, L., Yang, Y.: Phishing email detection using improved RCNN model with multilevel vectors and attention mechanism. IEEE Access 7, 56329–56340 (2019)
Park, G., Rayz, J.: Ontological detection of phishing emails. In: 2018 IEEE International Conference on Systems, Man, and Cybernetics (SMC), pp. 2858–2863. IEEE (2018)
Chandrasekaran, M., Narayanan, K., Upadhyaya, S.: Phishing email detection based on structural properties. In: NYS Cyber Security Conference, vol. 3 (2006)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Ahmed Ali, G. (2020). Phishing Email: Could We Get Rid of It? A Review on Solutions to Combat Phishing Emails. In: Saeed, F., Mohammed, F., Gazem, N. (eds) Emerging Trends in Intelligent Computing and Informatics. IRICT 2019. Advances in Intelligent Systems and Computing, vol 1073. Springer, Cham. https://doi.org/10.1007/978-3-030-33582-3_80
Download citation
DOI: https://doi.org/10.1007/978-3-030-33582-3_80
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-33581-6
Online ISBN: 978-3-030-33582-3
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)