A comprehensive survey of phishing: mediums, intended targets, attack and defence techniques and a novel taxonomy

Goenka, Richa; Chawla, Meenu; Tiwari, Namita

doi:10.1007/s10207-023-00768-x

Cited by 11 publications

(2 citation statements)

References 113 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…By implementing network segmentation and access control measures, organizations can significantly reduce the attack surface of their ICAS and make it more difficult for attackers to gain a foothold in the system. This first layer of defense provides a foundation for building a robust cybersecurity posture [20].…”

Section: Defense In Depth: Network Segmentation and Access Controlmentioning

confidence: 99%

Securing the Industrial Backbone: Cybersecurity Threats, Vulnerabilities, and Mitigation Strategies in Control and Automation Systems

Jihane Ben Slimane

2024

jes

View full text Add to dashboard Cite

Industrial Control and Automation Systems are the invisible workhorses of modern industry, managing critical infrastructure and manufacturing processes. The increasing convert of IT and OT networks has exposed ICAS to a growing range of cybersecurity threats. This paper explores the current landscape of cybersecurity threats and vulnerabilities plaguing ICAS. It delves into the technical aspects of these vulnerabilities, ranging from network weaknesses to human error. Additionally, the paper proposes a comprehensive set of mitigation strategies that can be implemented to bolster the security posture of ICAS. These strategies encompass network segmentation, access control, vulnerability management, incident response planning, and ongoing security awareness training. Finally, the paper highlights the importance of adhering to industry security standards and fostering a culture of cybersecurity within organizations.

show abstract

Section: Defense In Depth: Network Segmentation and Access Controlmentioning

confidence: 99%

Securing the Industrial Backbone: Cybersecurity Threats, Vulnerabilities, and Mitigation Strategies in Control and Automation Systems

Jihane Ben Slimane

2024

jes

View full text Add to dashboard Cite

show abstract

“…Traditional phishing often involves constructing counterfeit platforms like fake websites or software [12]. Attackers deceive users into believing they are interacting with legitimate entities, aiming to harvest sensitive information or prompt monetary transactions [13]. Such activities can manifest across various online platforms, including emails [14], social media, and sham websites.…”

Section: Introductionmentioning

confidence: 99%

Multiscale Feature Fusion and Graph Convolutional Network for Detecting Ethereum Phishing Scams

Chen,

Huang,

Liu

et al. 2024

Electronics

View full text Add to dashboard Cite

With the emergence of blockchain technology, the cryptocurrency market has experienced significant growth in recent years, simultaneously fostering environments conducive to cybercrimes such as phishing scams. Phishing scams on blockchain platforms like Ethereum have become a grave economic threat. Consequently, there is a pressing demand for effective detection mechanisms for these phishing activities to establish a secure financial transaction environment. However, existing methods typically utilize only the most recent transaction record when constructing features, resulting in the loss of vast amounts of transaction data and failing to adequately reflect the characteristics of nodes. Addressing this need, this study introduces a multiscale feature fusion approach integrated with a graph convolutional network model to detect phishing scams on Ethereum. A node basic feature set comprising 12 features is initially designed based on the Ethereum transaction dataset in the basic feature module. Subsequently, in the edge embedding representation module, all transaction times and amounts between two nodes are sorted, and a gate recurrent unit (GRU) neural network is employed to capture the temporal features within this transaction sequence, generating a fixed-length edge embedding representation from variable-length input. In the time trading feature module, attention weights are allocated to all embedding representations surrounding a node, aggregating the edge embedding representations and structural relationships into the node. Finally, combining basic and time trading features of the node, graph convolutional networks (GCNs), SAGEConv, and graph attention networks (GATs) are utilized to classify phishing nodes. The performance of these three graph convolution-based deep learning models is validated on a real Ethereum phishing scam dataset, demonstrating commendable efficiency. Among these, SAGEConv achieves an F1-score of 0.958, an AUC-ROC value of 0.956, and an AUC-PR value of 0.949, outperforming existing methods and baseline models.

show abstract

DaE2: Unmasking malicious URLs by leveraging diverse and efficient ensemble machine learning for online security

Omolara,

Alawida

2025

Computers & Security

View full text Add to dashboard Cite

A comprehensive survey of phishing: mediums, intended targets, attack and defence techniques and a novel taxonomy

Cited by 11 publications

References 113 publications

Securing the Industrial Backbone: Cybersecurity Threats, Vulnerabilities, and Mitigation Strategies in Control and Automation Systems

Securing the Industrial Backbone: Cybersecurity Threats, Vulnerabilities, and Mitigation Strategies in Control and Automation Systems

Multiscale Feature Fusion and Graph Convolutional Network for Detecting Ethereum Phishing Scams

DaE2: Unmasking malicious URLs by leveraging diverse and efficient ensemble machine learning for online security

Contact Info

Product

Resources

About