A Survey On Web Phishing Detection Techniques: A Taxonomy-based Approach

Abstract

The primary goal of website phishing is to obtain secret information i.e. passwords, account numbers, credit card details, etc. Web phishing is used to deceive users, normally carried out through sending links using spoofed emails, instant messages etc. However, web-phishing detection is a challenging task. A number of techniques and mechanisms has been proposed for the detection of web phishing. The aim of this study is to analyze different web-phishing detection techniques. Web-phishing techniques are characterized into machine-learning (ML) based, Heuristics-based, Blacklist/whitelist based and visual-based. A comparative analysis of these aforementioned categories has been done in this research based on their detection accuracy, performance, usability, and scalability. The research also identifies the advantages and limitations of web-phishing detection techniques.