Phishing counter measures and their effectiveness – literature review
Information Management & Computer Security
ISSN: 0968-5227
Article publication date: 23 November 2012
Abstract
Purpose
Phishing is essentially a social engineering crime on the Web, whose rampant occurrences and technique advancements are posing big challenges for researchers in both academia and the industry. The purpose of this study is to examine the available phishing literatures and phishing countermeasures, to determine how research has evolved and advanced in terms of quantity, content and publication outlets. In addition to that, this paper aims to identify the important trends in phishing and its countermeasures and provides a view of the research gap that is still prevailing in this field of study.
Design/methodology/approach
This paper is a comprehensive literature review prepared after analysing 16 doctoral theses and 358 papers in this field of research. The papers were analyzed based on their research focus, empirical basis on phishing and proposed countermeasures.
Findings
The findings reveal that the current anti‐phishing approaches that have seen significant deployments over the internet can be classified into eight categories. Also, the different approaches proposed so far are all preventive in nature. A Phisher will mainly target the innocent consumers who happen to be the weakest link in the security chain and it was found through various usability studies that neither server‐side security indicators nor client‐side toolbars and warnings are successful in preventing vulnerable users from being deceived.
Originality/value
Educating the internet users about phishing, as well as the implementation and proper application of anti‐phishing measures, are critical steps in protecting the identities of online consumers against phishing attacks. Further research is required to evaluate the effectiveness of the available countermeasures against fresh phishing attacks. Also there is the need to find out the factors which influence internet user's ability to correctly identify phishing websites.
Keywords
Citation
Purkait, S. (2012), "Phishing counter measures and their effectiveness – literature review", Information Management & Computer Security, Vol. 20 No. 5, pp. 382-420. https://doi.org/10.1108/09685221211286548
Publisher
:Emerald Group Publishing Limited
Copyright © 2012, Emerald Group Publishing Limited