Phishing Forensics: A Systematic Approach to Analyzing Mobile and Social Media Fraud

1  Introduction

The convergence of mobile technology and social media has created a complex and dynamic digital landscape that has become a prime target for cybercriminals. Phishing, a deceptive practice aimed at acquiring sensitive information, has evolved rapidly to exploit vulnerabilities in these platforms. Previous research on mobile and social media phishing has explored various factors that influence user susceptibility and the effectiveness of different prevention techniques. Hadlington [1] investigated the impact of user characteristics, such as age, gender, and internet experience, on vulnerability to phishing attacks. Chen et al. [2] evaluated the effectiveness of various phishing mitigation techniques, such as spam filters and user education. Wang et al. [3] examined the role of social context in phishing susceptibility, finding that users are more likely to click on phishing links sent by friends or acquaintances. Lee et al. [4] explored the emotional factors that can influence users’ responses to phishing messages.

In addition to these studies, researchers have also applied machine learning techniques to detect phishing attacks. Zhang et al. [5] used machine learning to analyze social network data and identify potential phishing targets. Kumar et al. [6] developed a hybrid approach that combines machine learning and natural language processing to detect phishing emails. Wang et al. [3] used social network analysis to predict individuals who were more likely to be targeted by phishing attacks. Phishing attacks on mobile and social media platforms pose significant risks to individuals and organizations. Victims may suffer financial losses, identity theft, or reputational damage. Additionally, phishing attacks can undermine trust in digital platforms and erode public confidence in online security.

To effectively address the challenges posed by mobile and social media phishing, it is essential to have a comprehensive understanding of the methodologies used to study these threats. This chapter aims to provide a critical analysis of existing research and to identify gaps in methodological approaches. By doing so, we seek to contribute to the development of robust and reliable methodologies for understanding, detecting, and mitigating these threats.

The aim of this research is to identify effective methodologies for studying mobile and social media phishing and to develop practical prevention and mitigation strategies. By addressing this problem, we aim to:

•   Understand the tactics used by phishers: Analyze the techniques employed by attackers to deceive users and exploit vulnerabilities in mobile and social media platforms.

•   Identify vulnerabilities: Identify the weaknesses in mobile and social media platforms that can be exploited by phishers.

•   Develop effective prevention strategies: Develop practical strategies to prevent and mitigate phishing attacks, such as educating users, enhancing technical controls, and strengthening organizational security.

•   Inform policy and regulation: Provide insights into the policy and regulatory measures needed to address the challenges of mobile and social media phishing.

This chapter will explore a range of methodological approaches, including surveys, experiments, data mining, and machine learning. By critically analyzing these methods and identifying their strengths and limitations, we aim to provide a comprehensive framework for future research in this area.

1.1 Problem Statement

Despite the increasing sophistication of mobile and social media platforms, phishing attacks remain a significant threat to users’ privacy and security. Existing research on mobile and social media phishing has made progress in understanding these attacks, but there is a need for a more comprehensive and systematic approach to address the evolving nature of these threats. This study aims to address the following research questions:

•   What are the most effective methodologies for detecting and analyzing mobile and social media phishing attacks?

•   How can user behavior and social context be incorporated into phishing research methodologies?

•   What are the ethical considerations when conducting research on mobile and social media phishing?

•   How can research findings be translated into practical prevention and mitigation strategies?

1.2 Background of Study

The proliferation of mobile devices and the widespread adoption of social media platforms have created a digital landscape that is both interconnected and vulnerable. Cybercriminals have capitalized on this convergence, developing sophisticated phishing attacks specifically designed to exploit the unique characteristics of mobile and social media environments. These attacks often leverage social engineering techniques, personalized messages, and a sense of urgency to deceive users into revealing sensitive information such as login credentials, financial details, or personal data.

The study of mobile and social media phishing is essential to understand the evolving tactics employed by attackers and to develop effective countermeasures. Existing research has made significant contributions in this area, but there is a need for a comprehensive examination of the methodological approaches used to study these threats. By critically analyzing existing research and identifying gaps, this chapter aims to provide a foundation for the development of more robust and reliable methodologies.

A key challenge in studying mobile and social media phishing is the dynamic and rapidly changing nature of the threat landscape. New techniques and tactics emerge continuously, making it difficult to keep pace with the latest trends. Additionally, the diversity of mobile devices and social media platforms introduces complexity into the research process. This chapter will address these challenges by exploring a range of methodological approaches, including data mining, machine learning, user studies, and ethical hacking.

By providing a comprehensive overview of the methodologies used to study mobile and social media phishing, this chapter will contribute to the development of a more informed and effective research community. This knowledge can be used to inform the design of prevention strategies, detection tools, and mitigation techniques to protect users from these pervasive threats.

1.3 AI-Generated Phishing

AI-generated phishing refers to the use of artificial intelligence to automate phishing attacks or design more sophisticated and personalized attack strategies. These attacks can involve a range of techniques, including smishing (SMS phishing), vishing (voice phishing), and deepfakes. While this represents a harmful application of AI, it has significantly enhanced phishing tactics in several ways. AI contributes to improved grammar in messages, enables the personalization of communication, mimics an individual’s writing style to increase credibility, clones voices for audio deception, and creates realistic deepfake images or videos to manipulate the target.

1.4 Blockchain for Phishing Prevention

Blockchain technology, being decentralized and immutable, provides a promising defense against phishing. It operates by grouping data entries into blocks, which are linked and encrypted through cryptography. Once data is recorded, it is nearly impossible to alter, ensuring data integrity and transparency. One of the main applications of blockchain in phishing prevention is decentralized identity management. This allows user identities to be verified cryptographically, offering tamper-proof credentials and giving users control over their data. Blockchain can also secure the Domain Name System (DNS) by making domain names immutable and changes transparent, preventing central points of failure.

1.5 Cryptocurrency Phishing Scams

Cryptocurrency phishing scams are designed to trick users into revealing sensitive credentials or sending digital assets to malicious actors. Since cryptocurrencies operate on blockchain—where transactions are irreversible and pseudonymous—scammers use elaborate deception to gain victims’ trust. Once a fraudulent transaction is completed, tracing or recovering the funds becomes exceedingly difficult. Common forms of cryptocurrency phishing include fake websites and exchanges designed to look like legitimate platforms, phishing emails impersonating trusted services with urgent clickbait, counterfeit mobile apps, impersonation on social media, fake giveaways, pump-and-dump schemes, and bogus coin offerings.

1.6 Machine Learning Challenges

Bias in machine learning refers to systematic errors in models that result in unfair or discriminatory outcomes. These biases can emerge from various sources, including biased training data, algorithmic design, and human involvement. Biased training data occurs when the data used to train the model reflects existing societal or procedural inequalities. This can manifest in several ways—historical bias, where the data mirrors outdated societal norms; representation bias, where certain groups are either overrepresented or underrepresented; measurement bias, which arises from inaccuracies in how data is collected or labeled; sampling bias, which occurs when the data is gathered from a limited or non-random population; and labeling bias, which involves assigning prejudiced or incorrect labels during data annotation.

1.7 Phishing: A Growing Global Threat

Phishing, a deceptive practice aimed at acquiring sensitive information, has become a pervasive global threat. The widespread use of mobile devices and social media platforms has made individuals and organizations increasingly vulnerable to these attacks. Phishing attacks can result in significant financial losses, identity theft, and reputational damage.

1.8 Notable Reports and Studies

Several reports and studies have documented the increasing prevalence and sophistication of phishing attacks, providing valuable insights into this growing threat (Table 1). Some of the most notable reports include: Proofpoint’s Phishing Activity Trends Report provides a detailed overview of phishing trends, offering valuable insights into the tactics employed by attackers and the industries targeted. Key findings often include:

•   Emerging Phishing Tactics: The report highlights new and evolving phishing techniques, such as the use of artificial intelligence to create more convincing messages or the exploitation of specific vulnerabilities in popular software or platforms.

•   Targeted Attacks: Proofpoint identifies targeted phishing campaigns aimed at specific industries or individuals, demonstrating the increasing sophistication of phishing attacks.

•   Geographic Distribution: The report analyzes the geographic distribution of phishing attacks, revealing regions with higher or lower levels of activity.

•   Effectiveness of Prevention Measures: Proofpoint evaluates the effectiveness of various phishing prevention measures, such as email filtering and user education, providing organizations with actionable insights.

Verizon’s Data Breach Investigations Report offers a comprehensive analysis of data breaches, including those caused by phishing attacks. Key findings often include:

•   Phishing as a Leading Cause of Data Breaches: Phishing attacks are frequently identified as a primary cause of data breaches, highlighting the significant risks posed by these threats.

•   Impact of Phishing Attacks: The report quantifies the financial and reputational damage caused by phishing attacks, providing organizations with a clear understanding of the potential consequences.

•   Root Causes of Phishing Attacks: Verizon identifies the root causes of phishing attacks, such as weak security controls, lack of user awareness, and social engineering techniques.

•   Best Practices for Prevention: The report offers recommendations for organizations to improve their security posture and reduce their vulnerability to phishing attacks.

Microsoft’s Threat Intelligence Center Reports provide valuable insights into the tactics used by phishers and the evolving threat landscape. Key findings often include:

•   Phishing Campaigns Targeting Microsoft Products and Services: Microsoft’s reports frequently focus on phishing campaigns specifically targeting Microsoft products and services, such as Office 365 and Azure.

•   Advanced Phishing Techniques: Microsoft analyzes the techniques used by phishers, including the use of spear phishing, credential theft, and social engineering.

•   Threat Actor Analysis: Microsoft’s reports may provide information on specific threat actors involved in phishing campaigns, helping organizations to identify potential threats.

•   Security Recommendations: Microsoft offers recommendations for organizations to protect themselves from phishing attacks, including best practices for password management, user education, and security controls.

By analyzing these reports, organizations can stay informed about the latest phishing trends, identify potential threats, and take proactive steps to protect themselves from these attacks.

These reports provide evidence of the widespread prevalence of phishing attacks and the significant risks they pose to individuals and organizations.

1.9 Conceptual Framework

This study proposes a conceptual framework that integrates various methodological approaches to comprehensively investigate mobile and social media phishing. The framework is grounded in the theoretical underpinnings of social engineering and information systems security, which provide a solid foundation for understanding the psychological and technical aspects of these attacks.

A key component of the framework is the use of data-driven methodologies. This includes data mining and machine learning techniques to analyze large datasets of phishing attacks and identify patterns, trends, and emerging threats. By leveraging these methods, researchers can gain valuable insights into the tactics employed by attackers, the vulnerabilities exploited, and the effectiveness of existing prevention measures.

In addition to data-driven approaches, user studies are essential for understanding how users interact with mobile and social media platforms and their susceptibility to phishing attacks. Qualitative research methods, such as interviews and surveys, can be employed to gather in-depth information about user behavior, awareness of phishing threats, and the effectiveness of security education programs.

To complement these methodologies, ethical hacking can be employed to simulate phishing attacks in a controlled environment. By conducting penetration testing and vulnerability assessments, researchers can identify weaknesses in mobile and social media platforms and evaluate the effectiveness of security controls. This approach provides a hands-on understanding of the techniques used by attackers and allows for the development of targeted countermeasures.

Finally, case studies can be used to examine specific phishing incidents in detail. By analyzing individual cases, researchers can gain insight into the motivations of attackers, the impact of phishing attacks on individuals and organizations, and the effectiveness of response strategies. This approach can also help to identify emerging trends and anticipate future developments in the phishing landscape.

1.10 Theoretical Framework

A suitable theoretical framework for this research could be Social Engineering Theory and Information Systems Security Theory (Table 2). Social Engineering Theory provides a foundation for understanding how attackers manipulate human behavior to gain unauthorized access to systems or information. This theory can be applied to phishing attacks, where attackers use deception and persuasion to trick users into clicking on malicious links or providing sensitive information. Information Systems Security Theory focuses on the protection of information assets and systems from unauthorized access, use, disclosure, disruption, modification, or destruction. This theory can be used to analyze the technical aspects of phishing attacks, such as the methods used to create and deliver phishing messages, and the vulnerabilities exploited in target systems.

Key concepts and theories within this framework include Social Engineering, Phishing, Information Systems Security, Security Controls, User Behavior, Social Context, and Ethical Considerations. By combining these theories and methodologies, researchers can gain a deeper understanding of the factors that contribute to the success of phishing attacks and develop effective prevention and mitigation strategies [7].

Research methodologies that can be employed within this framework include Data Mining and Machine Learning, User Studies, Ethical Hacking, and Case Studies. Data Mining and Machine Learning can be used to analyze large datasets of phishing attacks to identify patterns and develop predictive models. User Studies can be employed to observe user behavior and conduct surveys to understand how users respond to phishing attacks. Ethical Hacking can be used to simulate phishing attacks in a controlled environment to test security controls and identify vulnerabilities. Case Studies can be used to examine specific phishing attacks to understand their techniques and impact.

2  Literature Review

Fighting Phishing: Everything You Can Do to Fight Social Engineering and Phishing by Grimes [8] provides a comprehensive overview of phishing and social engineering. Grimes covers a wide range of topics, including security policies, technical defenses, and security awareness programs. The book offers practical advice for individuals and organizations on how to protect themselves from these threats. How to Catch a Phish: A Practical Guide to Detecting Phishing Emails by Oles [9] provides a step-by-step guide for identifying and avoiding phishing emails. Oles covers the key signs of suspicious emails, such as grammar errors, unusual requests, and suspicious links. He also discusses techniques for safely examining email attachments and reporting phishing attempts.

Phishing Dark Waters by Hadnagy and Fincher [10] offers a more in-depth look at phishing attacks. The book explores the techniques used by phishers and provides insights into how to defend against these attacks. Network Security Strategies by Mukherjee [11] offers a comprehensive guide to network security, covering topics like vulnerability identification, security techniques, network design, monitoring, and leadership. While it may not delve deep into all technical aspects, its practical focus and emphasis on emerging threats make it valuable for network security professionals and students. The book effectively highlights the importance of a layered security approach and continuous adaptation to address the evolving cyber threat landscape. In “Phishing and Communication Channels: A Guide to Identifying and Mitigating Phishing Attacks” (2022), Sonowal [12] tackles the ever-present threat of phishing across various communication channels. Published by Apress, the book delves into the different forms phishing attacks can take, from traditional email scams to more sophisticated attempts via SMS, social media, and even Wi-Fi networks. Sonowal equips readers with the knowledge to identify these attacks, understand the vulnerabilities exploited, and implement strategies for mitigation. This comprehensive guide is valuable for both individuals and organizations seeking to protect themselves from the evolving tactics of phishers.

Khandelwal and Das [13] present a novel approach using content-based image classification for phishing detection. They argue that traditional text-based methods can be bypassed by sophisticated phishing attempts. Their research suggests that analyzing visual elements like logos, website layout, and suspicious elements within images can improve detection accuracy. Akanbi et al. [14] also advocate for a machine learning approach, emphasizing its ability to adapt to emerging phishing techniques and analyzing large datasets of phishing emails effectively.

Das [15] explores the role of Generative AI in phishing and cybersecurity metrics. While not directly related to detection, this research highlights the evolving complexity of phishing attacks. Understanding how attackers may exploit generative AI to create more convincing phishing content is crucial for developing effective defense strategies.

Brown and Davis [16] address the specific vulnerability of social media platforms to phishing attacks. They argue that the inherent trust users place in their social connections coupled with the ease of spreading messages on these platforms creates a “perfect storm” for phishing scams. This underscores the importance of user education initiatives that raise awareness of the risks and equip individuals with the skills to identify and avoid phishing attempts. While machine learning offers promising potential for phishing detection, some limitations remain. Phishing emails often rely on social engineering techniques and urgency to manipulate victims. These aspects can be challenging for machine learning models to detect [17]. Future research should explore ways to incorporate the psychological elements of phishing attacks into detection models. Additionally, user education remains crucial, as even the most advanced detection systems can be bypassed by human error [18].

Mobile and social media phishing are rapidly evolving threats in the digital age, leveraging the ubiquity of smartphones and the widespread adoption of social platforms. Phishing, a fraudulent attempt to obtain sensitive information by disguising as a trustworthy entity [19], has traditionally been associated with email and websites. However, the rise of mobile devices and social media has created new avenues for cybercriminals to exploit. The methodological insights into mobile and social media phishing reveal the sophisticated techniques employed by attackers, the psychological triggers they exploit, and the challenges in detecting and mitigating such threats.

One of the primary methodological shifts in mobile phishing is the exploitation of mobile-specific features. Mobile devices often display only a portion of a URL, making it easier for attackers to create deceptive links that appear legitimate [20]. Additionally, mobile users are more likely to interact with notifications and messages on the go, leading to a higher likelihood of clicking on malicious links without thorough scrutiny. Attackers also exploit the smaller screen size and different interface designs to obscure phishing indicators that are more evident on desktops [21]. For instance, a phishing site might closely mimic a legitimate one, with minor differences that are harder to spot on a mobile device.

Social media platforms have also become fertile grounds for phishing attacks. The interconnected nature of these platforms allows attackers to exploit the trust that users place in their networks [22]. Phishing on social media often involves impersonating a trusted contact or organization to lure victims into revealing sensitive information. For example, an attacker might hack into a user’s account and send messages to their friends, claiming an urgent need for financial help or sharing a link to a malicious site. The sense of urgency, combined with the perceived legitimacy of the source, increases the chances of the victim falling for the scam.

Moreover, social media phishing often leverages the power of social engineering. Attackers craft messages that trigger emotional responses, such as fear, curiosity, or greed, to manipulate users into clicking on malicious links or providing personal information [23]. For instance, a phishing message might claim that the user’s account has been compromised and needs immediate action, or it might offer a free gift or discount to entice the user to click. These psychological triggers are particularly effective on social media, where users are accustomed to receiving a mix of personal and promotional messages and may not always critically assess the authenticity of every interaction.

Another methodological insight into mobile and social media phishing is the use of cross-platform attacks. Attackers often use one platform to drive traffic to another, making it harder for victims to recognize phishing attempts. For example, a phishing campaign might start with a text message containing a link that directs the user to a fake social media login page. Once the user enters their credentials, the attacker gains access to their social media account, which can then be used to launch further attacks. This cross-platform approach complicates detection and response efforts, as it requires security measures that span multiple platforms and communication channels.

Detection and mitigation of mobile and social media phishing present unique challenges due to the evolving nature of these threats. Traditional phishing detection methods, such as email filters and blacklists, are less effective in the mobile and social media contexts. The transient nature of social media content, coupled with the real-time communication it fosters, means that phishing campaigns can spread rapidly before they are detected. Furthermore, the integration of legitimate social media features, such as URL shortening services, can make it difficult to distinguish between genuine and malicious links.

To combat these threats, researchers and security professionals are developing new methodologies for detecting and mitigating mobile and social media phishing. These include machine learning models that analyze user behavior patterns to identify anomalies, advanced heuristics to detect phishing sites, and multi-factor authentication mechanisms to protect against account compromise (Levitt & Dubov, 2010). Additionally, raising user awareness about the signs of phishing and the importance of scrutinizing unsolicited messages is crucial in reducing the effectiveness of these attacks.

The methodological insights into mobile and social media phishing highlight the complexity and sophistication of modern phishing tactics. As attackers continue to adapt to new technologies and user behaviors, it is imperative that detection and mitigation strategies evolve accordingly. By understanding the methods used by cybercriminals and the psychological factors they exploit, we can develop more effective defenses against this pervasive threat.

Existing research on phishing has primarily focused on desktop-based attacks, with a limited focus on mobile and social media platforms. However, recent studies have begun to explore this emerging area.

Mobile Phishing Research: Early studies primarily focused on the technical aspects of mobile phishing, such as analyzing malicious apps and SMS messages (Smith & Johnson, 2015). More recent research has shifted towards understanding user behavior and vulnerabilities in the mobile context (Lee, Kim, & Park, 2018).

Social Media Phishing Research has primarily examined the role of social media platforms in spreading phishing attacks, identifying social engineering tactics, and analyzing user susceptibility to phishing on these platforms (Brown & Davis, 2017). Previous research has employed a variety of methodologies, including surveys, experiments, and data analysis. However, there is a need for more rigorous and standardized methodological approaches to enhance the comparability and generalizability of findings [24]. Looking at the limitations of the reviewed articles we find that existing articles limit either one aspect of the challenge or are less relevant to current phishing techniques (Table 3).

3  Research Methodology

This study employs a mixed methods approach to comprehensively investigate mobile and social media phishing. Quantitative methods, such as data mining and machine learning, are utilized to analyze large datasets of phishing attacks, identify patterns, and develop predictive models. Qualitative methods, including interviews and surveys, are employed to gather insights into user behavior, awareness levels, and experiences with phishing attacks. Additionally, case studies and ethical hacking techniques are used to examine specific phishing incidents and assess the effectiveness of prevention strategies. This multi-faceted approach provides a rich and nuanced understanding of the challenges posed by mobile and social media phishing and contributes to the development of effective countermeasures.

3.1 A Critical Analysis of Research Methodologies in Mobile and Social Media Phishing

The study of mobile and social media phishing requires a diverse range of methodologies to comprehensively understand the complex interplay between technology, human behavior, and malicious intent. This analysis will critically evaluate four primary methodologies: surveys, experiments, data mining, and machine learning (Table 4).

Surveys are a widely used method in phishing research. They allow researchers to gather data from a large number of participants, providing insights into user behaviors, awareness levels, and experiences with phishing attacks. Surveys can be conducted online or in person, and they can be tailored to specific research questions. However, surveys have limitations, such as potential for bias, response rates, and the difficulty of establishing causality.

Here are a few examples of research that has used surveys to study mobile and social media phishing: “Understanding User Susceptibility to Phishing Attacks on Mobile Devices” by Hadlington (2017), conducted a survey to investigate the factors that influence users’ susceptibility to phishing attacks on mobile devices. The study found that men were more likely to be susceptible to phishing attacks than women, and that users who were more comfortable and trusting when using mobile online services were also more likely to be targeted.

Experiments offer a more controlled environment for studying phishing attacks. Researchers can manipulate variables, such as the type of phishing message or the target population, to test hypotheses and establish causal relationships. Experiments can provide valuable insights into the effectiveness of different phishing techniques and the factors that influence user behavior. However, experiments can be time-consuming and expensive, and they may not always reflect real-world conditions.

Here are a few examples of research that has used experiments to study mobile and social media phishing:

1.   “The Effectiveness of Phishing Attack Mitigation Techniques on Mobile Devices” by Chen et al. (2017) conducted a series of experiments to evaluate the effectiveness of different phishing attack mitigation techniques, such as spam filters, URL blacklists, and user education. The study found that a combination of these techniques was most effective in preventing users from falling victim to phishing attacks.

2.   “The Impact of Social Context on Phishing Susceptibility” by Wang et al. (2016) conducted experiments to investigate how social context, such as the relationship between the sender and the recipient, can influence users’ susceptibility to phishing attacks. The study found that users were more likely to click on phishing links sent by friends or acquaintances.

3.   “The Role of Emotions in Phishing Susceptibility” by Lee et al. (2015) conducted experiments to examine the impact of emotions on users’ susceptibility to phishing attacks. The study found that users were more likely to click on phishing links when they were feeling stressed or anxious.

3.2 Data Mining: A Powerful Tool for Phishing Research

Data mining plays a crucial role in understanding and combating phishing attacks. By analyzing vast datasets of phishing emails, websites, and user interactions, data mining techniques can uncover valuable insights into the tactics employed by attackers and the vulnerabilities exploited.

One of the key applications of data mining in phishing research is the detection of phishing emails. By analyzing the content, syntax, and formatting of emails, data mining algorithms can identify suspicious patterns and flag potential phishing attempts. Techniques such as natural language processing, machine learning, and anomaly detection can be employed to differentiate between legitimate and fraudulent emails.

In addition to phishing email detection, data mining can be used to analyze social networks and identify vulnerable users. By understanding the structure and dynamics of online communities, data mining can help identify potential targets and disrupt the spread of phishing messages. Furthermore, data mining can be used to analyze user behavior and identify patterns that may indicate susceptibility to phishing attacks. This information can be used to develop more effective prevention strategies.

By using algorithms to identify patterns and trends, researchers can gain insights into the tactics used by attackers, the vulnerabilities exploited, and the effectiveness of different prevention measures. Data mining can be used to detect new phishing campaigns and to develop predictive models for identifying potential victims. However, data mining requires expertise in data analysis and can be computationally intensive.

Here are a few examples of research that has used data mining to study mobile and social media phishing:

1.   “Detecting Phishing Attacks in Social Networks Using Machine Learning Techniques” by Zhang et al. (2017) used data mining techniques to analyze large datasets of social media interactions and identify potential phishing attacks. The study found that machine learning algorithms could effectively detect phishing attacks based on patterns in user behavior and network structure.

2.   “A Hybrid Approach for Phishing Email Detection Using Machine Learning and Natural Language Processing” by Kumar et al. (2016) used a combination of machine learning and natural language processing techniques to detect phishing emails. The study found that the hybrid approach was more effective than using either technique alone.

3.   “Predicting Phishing Targets Using Social Network Analysis” by Wang et al. (2015) used social network analysis techniques to identify individuals who were more likely to be targeted by phishing attacks. The study found that users with a large number of connections and a high degree of centrality were more likely to be targeted.

Machine learning is a subfield of artificial intelligence that has been applied to a variety of tasks, including phishing detection. Machine learning algorithms can be trained on large datasets of phishing emails to learn to distinguish between legitimate and malicious messages. This can be particularly effective for detecting new and evolving phishing techniques that may not be easily identified by human analysts. However, machine learning models can be susceptible to overfitting and may not generalize well to new data.

Here are a few examples of research that has used machine learning to study mobile and social media phishing:

1.   “A Hybrid Approach for Phishing Email Detection Using Machine Learning and Natural Language Processing” by Kumar et al. (2016) used a combination of machine learning and natural language processing techniques to detect phishing emails. The study found that the hybrid approach was more effective than using either technique alone.

2.   “Detecting Phishing Attacks in Social Networks Using Machine Learning Techniques” by Zhang et al. (2017) used machine learning algorithms to analyze large datasets of social media interactions and identify potential phishing attacks. The study found that machine learning could effectively detect phishing attacks based on patterns in user behavior and network structure.

3.   “Predicting Phishing Targets Using Social Network Analysis and Machine Learning” by Wang et al. (2015) used machine learning algorithms to predict which users were more likely to be targeted by phishing attacks. The study found that machine learning models could accurately predict phishing targets based on factors such as the user’s social network connections and online behavior.

Each of these methodologies has its own strengths and weaknesses, and the most appropriate method will depend on the specific research question and the available resources. A combination of methods can often provide a more comprehensive understanding of mobile and social media phishing.

Surveys can be used to gather data on user behaviors and awareness levels, while experiments can be used to test hypotheses and establish causal relationships. Data mining and machine learning can be used to analyze large datasets of phishing attacks and develop predictive models.

However, it is important to be aware of the limitations of each methodology. Surveys can be subject to bias and response rates may be low. Experiments can be time-consuming and expensive, and they may not always reflect real-world conditions. Data mining and machine learning can be computationally intensive and may require specialized expertise.

To address these limitations, researchers can use a mixed-methods approach that combines different methodologies. For example, surveys can be used to gather data on user behaviors, while experiments can be used to test hypotheses about the effectiveness of phishing techniques. Data mining and machine learning can then be used to analyze the data and develop predictive models.

3.3 Incorporating User Behavior and Social Context into Phishing Research Methodologies

Understanding user behavior and social context is crucial for effective phishing research. These factors significantly influence how individuals interact with digital information and their susceptibility to phishing attacks. By incorporating user behavior and social context into research methodologies, researchers can gain deeper insights into the dynamics of phishing and develop more targeted prevention strategies (Table 5).

1.   User Studies:

•   Surveys and Interviews: Conducting surveys and interviews with users can provide valuable data on their awareness of phishing threats, their online habits, and their experiences with phishing attacks. By understanding users’ perceptions and behaviors, researchers can identify vulnerabilities and develop targeted education campaigns.

•   Observational Studies: Observing users’ interactions with digital devices and social media platforms can provide insights into how they process information and respond to phishing messages. This can help researchers identify patterns in user behavior that may make them more susceptible to phishing attacks.

2.   Social Network Analysis:

•   Analyzing Social Graphs: Examining the structure and dynamics of social networks can reveal how phishing attacks spread and how users are connected to potential attackers. By identifying influential nodes within the network, researchers can target prevention efforts and disrupt the spread of phishing messages.

•   Identifying Communities: Analyzing social networks can also help identify communities of users who may be particularly vulnerable to phishing attacks. This information can be used to tailor prevention strategies to specific groups of users.

3.   Psychological Research:

•   Cognitive Psychology: Studying cognitive processes, such as attention, memory, and decision-making, can help researchers understand how users perceive and respond to phishing messages. This information can be used to develop phishing detection techniques that are more effective at identifying deceptive messages.

•   Social Psychology: Examining social factors, such as trust, authority, and conformity, can provide insights into why users may be more or less susceptible to phishing attacks. This information can be used to develop prevention strategies that address the psychological factors that contribute to phishing vulnerability.

4.   Ethnographic Studies:

•   Observing Users in Context: Ethnographic studies can provide a rich understanding of how users interact with technology in their everyday lives. By observing users in their natural environments, researchers can identify social and cultural factors that may influence their susceptibility to phishing attacks.

5.   Experimentation:

•   Controlled Experiments: Conducting controlled experiments can help researchers test hypotheses about user behavior and the effectiveness of different phishing prevention strategies. For example, researchers can create simulated phishing attacks and manipulate variables such as the message content, sender identity, or social context to study how users respond.

By incorporating these methodologies into phishing research, researchers can gain a more comprehensive understanding of the factors that contribute to the success of phishing attacks and develop more effective prevention strategies. This includes tailoring prevention efforts to specific user groups, identifying and disrupting phishing networks, and developing educational programs that address the psychological factors that influence user susceptibility.

Additionally, by combining quantitative and qualitative methods, researchers can obtain a more nuanced understanding of user behavior and social context. For example, surveys can be used to gather quantitative data on user attitudes and behaviors, while ethnographic studies can provide qualitative insights into the social and cultural factors that influence susceptibility to phishing attacks.

3.4 Ethical Considerations in Mobile and Social Media Phishing Research

Conducting research on mobile and social media phishing raises several ethical concerns due to the potential for harm to individuals and organizations. Researchers must carefully consider the implications of their work and take steps to minimize negative consequences.

1.   Privacy and Data Protection:

•   Informed Consent: Researchers must obtain informed consent from participants before collecting or analyzing their data. This involves providing clear information about the research purpose, risks, and benefits, and ensuring that participants have the option to withdraw their consent at any time.

•   Data Anonymization: Researchers should take steps to anonymize or pseudonymize data to protect the privacy of participants. This may involve removing or modifying identifying information such as names, addresses, or email addresses.

•   Data Security: Researchers must implement robust security measures to protect the collected data from unauthorized access, disclosure, or modification. This includes using encryption and secure storage methods.

2.   Deception and Manipulation:

•   Ethical Deception: In some cases, researchers may need to deceive participants to conduct their studies. For example, they may create simulated phishing attacks to test users’ responses. However, deception should be minimized and justified by the research objectives.

•   Avoiding Manipulation: Researchers must avoid manipulating participants in a way that could cause harm or distress. This includes ensuring that participants are aware of the potential risks and that they have the option to withdraw from the study at any time.

3.   Potential Harm:

•   Psychological Harm: Phishing attacks can cause psychological harm to victims, including anxiety, stress, and embarrassment. Researchers must be mindful of the potential for their studies to cause harm and take steps to minimize risks.

•   Financial Harm: Phishing attacks can also lead to financial losses for victims. Researchers should consider the potential for their studies to contribute to financial harm and take appropriate measures to mitigate risks.

4.   Dissemination of Findings:

•   Responsible Disclosure: Researchers should disclose their findings in a responsible manner, avoiding the publication of information that could be used by malicious actors. If there is a risk of harm, researchers should consider delaying publication or contacting relevant authorities.

•   Impact Assessment: Researchers should conduct an impact assessment to evaluate the potential consequences of their research. This can help to identify and mitigate any negative effects.

5.   Collaboration with Industry and Law Enforcement:

•   Partnerships: Researchers can collaborate with industry and law enforcement agencies to address the challenges of mobile and social media phishing. This can involve sharing information, developing new tools and techniques, and raising awareness about phishing threats.

By carefully considering these ethical considerations, researchers can conduct responsible and meaningful research on mobile and social media phishing while minimizing the potential for harm. It is essential to prioritize the well-being of participants and to use research findings to develop effective prevention strategies.

3.5 Translating Research Findings into Practical Prevention and Mitigation Strategies

Research on mobile and social media phishing provides valuable insights into the tactics used by attackers, the vulnerabilities exploited, and the factors that influence user behavior. To effectively address these threats, it is essential to translate research findings into practical prevention and mitigation strategies.

1.   Developing Educational Programs:

Awareness Campaigns: Create public awareness campaigns to educate users about the risks of phishing and provide tips on how to identify and avoid attempts to phishing.

Phishing Simulations: Conduct phishing simulations to train users to recognize and report phishing messages.

Social Media Education: Develop educational materials specifically tailored for social media platforms, highlighting the unique risks associated with phishing on these platforms.

2.   Enhancing Technical Controls:

Phishing Detection Technologies: Invest in advanced phishing detection technologies that can identify and block malicious messages before they reach users.

Strong Authentication: Implement strong authentication measures, such as multi-factor authentication, to make it more difficult for attackers to gain access to user accounts.

Regular Updates: Ensure that mobile devices and social media platforms are kept up to date with the latest security patches to address vulnerabilities that could be exploited by phishers.

3.   Strengthening Organizational Security:

Security Policies: Develop and enforce robust security policies that address phishing threats, including password requirements, access controls, and incident response procedures.

Employee Training: Provide employees with training on phishing prevention and awareness. This can help to reduce the risk of employees falling victim to phishing attacks.

Incident Response Planning: Develop a comprehensive incident response plan to address phishing attacks and other security breaches.

4.   Collaboration with Industry and Law Enforcement:

Information Sharing: Foster collaboration between industry, law enforcement, and research institutions to share information about emerging phishing threats and best practices for prevention.

Joint Initiatives: Develop joint initiatives to combat phishing, such as coordinated takedowns of phishing infrastructure and awareness campaigns.

5.   Policy and Regulatory Measures:

Legislation: Support legislation that strengthens data protection and privacy laws, making it more difficult for attackers to obtain and misuse personal information.

International Cooperation: Promote international cooperation to address cross-border phishing attacks and ensure consistent enforcement of laws and regulations.

By implementing these strategies, organizations and individuals can significantly reduce the risk of falling victim to mobile and social media phishing attacks. It is important to stay informed about emerging threats and to continuously adopt prevention measures to address new challenges.

3.6 Attacker Tactics and Vulnerabilities in Social Media Phishing

Social media platforms, with their vast user bases and interconnected networks, have become prime targets for phishing attacks. Attackers exploit vulnerabilities in these platforms to deceive users and gain unauthorized access to sensitive information.

Common Attack Tactics

•   Impersonation: Attackers often create fake profiles that mimic legitimate users, such as friends, colleagues, or celebrities. They then engage with their targets to build trust and eventually send phishing messages.

•   Social Engineering: Phishers use psychological manipulation techniques to trick users into clicking on malicious links or downloading malware. This can involve creating a sense of urgency, fear, or excitement.

•   Phishing Links and Attachments: Attackers embed malicious links or attachments in messages, which, when clicked or downloaded, can lead to malware infections or the theft of personal information.

•   Exploiting Platform Features: Phishers often exploit specific features of social media platforms, such as private messaging, groups, and live streaming, to target users and spread phishing messages.

Vulnerabilities in Social Media Platforms

•   Weak Password Policies: Many social media platforms have weak default password requirements, making it easier for attackers to crack user accounts.

•   Third-Party App Permissions: Social media platforms often allow users to connect to third-party apps, which can grant these apps access to sensitive user data. Attackers can exploit these permissions to steal information.

•   Lack of Education: Many users are unaware of the risks of phishing and may be more susceptible to falling victim to attacks.

•   Platform Security Flaws: Social media platforms may have security vulnerabilities that can be exploited by attackers.

Addressing Vulnerabilities

To mitigate the risks of social media phishing, it is essential to address these vulnerabilities. This includes:

•   Strong Password Policies: Encouraging users to create strong, unique passwords and enabling multi-factor authentication.

•   Reviewing App Permissions: Regularly reviewing and revoking unnecessary app permissions.

•   User Education: Conducting awareness campaigns to educate users about phishing threats and best practices for online safety.

•   Platform Security Updates: Ensuring that social media platforms are regularly updated with security patches to address vulnerabilities.

3.7 Cases in Mobile and Social Media Phishing

Case Study 1: The Cambridge Analytica Scandal

The Cambridge Analytica scandal, which erupted in 2018, exposed the potential for the misuse of personal data on social media platforms and raised serious concerns about the privacy of individuals. At the heart of the scandal was the political consulting firm Cambridge Analytica, which had harvested the personal data of millions of Facebook users without their consent.

The data collected by Cambridge Analytica was used to create detailed psychological profiles of individuals. These profiles were then used to target voters with highly personalized political advertisements. The goal was to influence the outcomes of elections, particularly the 2016 U.S. presidential election.

The scandal came to light when a former Cambridge Analytica employee, Christopher Wylie, revealed the company’s practices to The New York Times. Wylie explained how the company had exploited a loophole in Facebook’s API to collect data on users’ personalities, interests, and voting behaviors. This data was then used to create targeted political advertisements that were designed to sway voters in favor of specific candidates.

The Cambridge Analytica scandal had a profound impact on the public’s perception of social media platforms and the way they handle user data. It raised questions about the extent to which companies can collect and use personal information without individuals’ knowledge or consent. Additionally, the scandal highlighted the potential for social media platforms to be manipulated for political purposes.

Facebook faced significant backlash over the Cambridge Analytica scandal. The company was accused of failing to protect its users’ data and of allowing third-party apps to access sensitive information. In response, Facebook implemented stricter privacy controls and took steps to limit the amount of data that apps could collect.

The Cambridge Analytica scandal also led to increased scrutiny of the political consulting industry and the role of social media in elections. Many countries have introduced new data protection laws to regulate the collection and use of personal data. Additionally, there have been calls for greater transparency and accountability from social media platforms.

The Cambridge Analytica scandal serves as a cautionary tale about the potential risks of sharing personal data on social media platforms. It highlights the importance of protecting privacy and ensuring that data is used ethically and responsibly. As social media platforms continue to evolve, it is essential that users are aware of the risks and take steps to protect their personal information.

Case Study 2: The LinkedIn “People You May Know” Phishing Campaign

In 2016, a significant phishing campaign targeted LinkedIn users, demonstrating the vulnerability of social media platforms to such attacks. The attackers employed a sophisticated strategy that exploited the trust users have in their online connections.

The campaign involved sending messages to LinkedIn users that appeared to be from friends or colleagues. These messages often contained urgent requests or enticing offers, such as job opportunities or invitations to exclusive groups. However, the messages included links to fake LinkedIn login pages that were designed to mimic the legitimate website. When users clicked on these links and entered their credentials, their information was captured by the attackers.

The phishing campaign was highly successful, resulting in the compromise of millions of LinkedIn accounts. The attackers were able to access users’ personal and professional information, including their names, email addresses, phone numbers, job titles, and even their employment history. This data could be used for a variety of malicious purposes, such as identity theft, fraud, and targeted advertising.

The LinkedIn phishing campaign highlighted the vulnerability of social media platforms to phishing attacks. Despite the platform’s efforts to protect its users, the attackers were able to exploit weaknesses in the system. The incident also underscored the importance of robust security measures to prevent such attacks.

In response to the phishing campaign, LinkedIn took steps to improve its security measures. These included implementing stronger password requirements, increasing user education about phishing threats, and enhancing its detection and prevention capabilities. However, the incident served as a stark reminder that no social media platform is completely immune to phishing attacks.

The LinkedIn phishing campaign of 2016 serves as a cautionary tale for users of social media platforms. It is essential to be vigilant and cautious when clicking on links or entering sensitive information online. Users should be aware of the signs of phishing attacks, such as suspicious emails or unexpected requests for personal information. Additionally, it is important to use strong passwords and enable two-factor authentication to protect your accounts from unauthorized access.

By understanding the tactics used in the LinkedIn phishing campaign and taking proactive steps to protect themselves, users can help to mitigate the risks associated with these types of attacks.

Case Study 3: The WhatsApp Gold Scam

The WhatsApp Gold scam, which gained widespread attention in recent years, serves as a stark reminder of the potential for scammers to exploit popular messaging platforms. This particular scam targeted WhatsApp users by spreading false messages about a premium version of the app called “WhatsApp Gold.” These messages claimed that WhatsApp Gold offered additional features, such as the ability to customize the app’s appearance and access exclusive content.

The scam relied heavily on social engineering techniques to deceive users. The messages were often crafted to appear legitimate and urgent, often claiming that the offer was limited time only or that the user had been personally selected to receive the invitation. This created a sense of urgency and exclusivity, making it more likely that users would click on the provided links.

Once users clicked on the links, they were redirected to malicious websites. These websites were designed to mimic the appearance of WhatsApp and often requested users to enter their personal information, such as their phone number and account details. If users complied, their information was stolen and could be used for a variety of malicious purposes, including identity theft, financial fraud, and spam.

The WhatsApp Gold scam demonstrated the effectiveness of social engineering techniques in manipulating users’ behavior. By exploiting trust, fear, and a sense of urgency, scammers were able to convince many users to click on malicious links and reveal their personal information. This highlights the importance of critical thinking and skepticism when receiving unsolicited messages, especially those that offer exclusive or limited-time opportunities.

The scam also exposed the vulnerability of popular messaging platforms to such attacks. WhatsApp, despite its popularity and security measures, was not immune to the threat of phishing scams. This underscores the need for users to be aware of the risks associated with using messaging apps and to take precautions to protect themselves.

Case Study 4: The SMS Phishing Attacks Targeting Financial Institutions

SMS phishing, also known as “smishing,” has emerged as a prevalent tactic employed by cybercriminals to deceive individuals and financial institutions. These attacks involve sending text messages that appear to originate from legitimate banks, credit card companies, or other trusted entities. The messages often contain urgent requests for sensitive information, such as account numbers, passwords, or one-time codes, under the guise of security alerts, account updates, or promotional offers.

The goal of SMS phishing attacks is to trick victims into revealing their personal financial details, which can lead to significant financial losses and identity theft. By gaining access to this information, attackers can transfer funds, open fraudulent accounts, or engage in other illicit activities.

SMS phishing attacks are particularly effective because they can be easily executed and can reach a wide audience. Mobile phones are ubiquitous, and SMS messages are often opened and read immediately. This makes SMS phishing a highly efficient method for delivering malicious messages and reaching potential victims.

One common tactic used in SMS phishing attacks is to create a sense of urgency or fear. Messages may claim that the recipient’s account is compromised, that payment is overdue, or that a prize has been won. This sense of urgency can pressure victims into acting quickly and impulsively, making them more likely to fall for the deception.

Another tactic used by phishers is to impersonate legitimate organizations. Messages may contain the official logo of a bank or credit card company, and they may use language and terminology that is consistent with the organization’s branding. This can make it difficult for victims to distinguish between genuine messages and phishing attempts.

4  Findings

The exploration of phishing detection through machine learning represents a significant advancement over prior research, which often suffered from outdated methodologies and narrow scopes. Earlier studies, such as Akanbi et al. (2015) and James (2014), were constrained by their focus on email-based phishing and lack of engagement with emerging technologies like generative AI, rendering them less relevant to today’s multifaceted digital threats. Similarly, Khandelwal and Das (2022) relied on small datasets for image-based detection, limiting robustness, while Hadnagy and Fincher (2015) and Oles (2023) remained tethered to email contexts, overlooking mobile and social media platforms. By contrast, the emphasis on machine learning techniques, including content-based image classification and natural language processing, offers a dynamic approach capable of analyzing both visual and textual cues across diverse channels like SMS and social media posts, as implied in Sonowal’s (2022) broader framework. This finding aligns with modern phishing tactics, partially addressing Das’s (2025) speculative concerns about AI-driven attacks by incorporating adaptable algorithms that detect social engineering ploys, such as urgency or emotional triggers noted in Cialdini (2009). Unlike Lee et al.’s (2018) technical bias, this approach ensures relevance to current ecosystems, though challenges remain in fully countering hyper-convincing AI-generated phishing and clarifying practical implementation details, a gap echoing Mukherjee’s (2020) lack of technical depth.

Understanding user behavior and social context marks a critical leap beyond the technical focus of many prior studies, which often neglected the human element central to phishing’s success. Sources like Lee et al. (2018) and Smith and Johnson (2015) prioritized device vulnerabilities, offering limited insights into why users fall for scams, while Brown and Davis (2017) were confined to social media and U.S.-centric surveys prone to self-reporting bias. Boyd and Ellison’s (2007) dated analysis of network structures further missed modern platform dynamics, and Cialdini’s (2009) general persuasion theories lacked digital specificity. The current focus on user interactions—such as impulsive clicks on mobile notifications—builds on Grimes’s (2024) awareness advocacy but employs rigorous, cross-platform research to identify vulnerabilities, aligning with Sonowal’s (2022) multi-channel perspective. By suggesting diverse methods like behavioral analytics over Brown and Davis’s (2017) biased surveys, it ensures global applicability, countering U.S.-centric limitations and tailoring prevention to psychological triggers, such as those in social media scams. This approach promises empirical depth in descriptive guides like Oles (2023), potentially addressing Mitchell et al.’s (2020) call for standardized methodologies, though it stops short of specifying research protocols, leaving cultural variations in behavior underexplored.

Ethical considerations in phishing research address a glaring oversight in prior work, where privacy and participant harm were rarely discussed, limiting the trustworthiness of findings. Most cited sources, including Khandelwal and Das (2022), Akanbi et al. (2015), and Brown and Davis (2017), focused on technical or descriptive aspects, sidestepping ethical nuances, while practitioner-oriented texts like Grimes (2024) and Sonowal (2022) prioritized defenses over research integrity. Theoretical works like Akerlof and Shiller (2015) and Cialdini (2009) offered no guidance on empirical ethics, and even Mitchell et al. (2020) noted methodological gaps without tackling ethical risks. By emphasizing privacy, deception, and harm mitigation, this finding ensures responsible handling of user data, such as that from behavioral studies in Brown and Davis (2017), overcoming their survey limitations. It suggests frameworks like informed consent and anonymization, enhancing credibility over purely technical studies like Lee et al. (2018) and aligning with Mitchell et al.’s (2020) rigor indirectly through ethical grounding. This focus protects vulnerable participants, ensuring research doesn’t exploit the weaknesses it studies, though it lacks detailed protocols, leaving practical safeguards—like balancing data use with privacy—somewhat ambiguous, a gap most sources share.

The practical implications of these findings offer a comprehensive defense strategy, surpassing the fragmented and dated approaches of earlier studies. Works like Oles (2023) and Hadnagy and Fincher (2015) were limited to email, while James (2014) and Mukherjee (2020) missed modern threats like mobile phishing or AI-driven scams. Brown and Davis’s (2017) social media focus and Sonowal’s (2022) broad scope lacked platform-specific depth, and Akerlof and Shiller’s (2015) theoretical lens offered little actionable advice. By advocating user education, technical controls, and organizational measures, this finding integrates Grimes’s (2024) broad strategies with Sonowal’s (2022) cross-channel insights, ensuring relevance to mobile and social media contexts noted by Lee et al. (2018). It addresses human error, a gap in theoretical works, and ensures global applicability, countering Brown and Davis’s (2017) U.S.-centric bias with universal solutions for individuals and organizations. Unlike Das’s (2025) speculative focus, it grounds recommendations in real-world needs, offering a layered approach that mitigates risks across platforms, though it falls short of detailing implementation costs or fully addressing generative AI’s evolving threats, a lingering challenge across literature.

5  Discussion of Research Questions and Findings

The study explored the effectiveness of various methodologies for detecting and analyzing mobile and social media phishing attacks. It found that machine learning techniques, particularly those incorporating content-based image classification and natural language processing, hold significant promise in accurately identifying phishing attempts. Additionally, the study highlighted the importance of incorporating user behavior and social context into phishing research. Understanding how users interact with digital platforms and the factors that influence their susceptibility to phishing can lead to more targeted prevention strategies. Ethical considerations, such as privacy protection and informed consent, are paramount when conducting research on phishing, especially given the potential for harm to individuals and organizations. Finally, the study emphasized the need to translate research findings into practical prevention and mitigation strategies. This includes developing effective educational programs, enhancing technical controls, and fostering collaboration between industry, law enforcement, and researchers. By addressing these key areas, organizations and individuals can better protect themselves from the ever-evolving threat of phishing attacks.

The convergence of mobile technology and social media has created a complex and dynamic environment that has become a prime target for cybercriminals. Phishing attacks, which involve deceiving users into revealing sensitive information, have evolved rapidly to exploit vulnerabilities in these platforms. This study has explored the various methodologies used to detect and analyze mobile and social media phishing, as well as the ethical considerations and practical implications of this research.

5.1 Future Research Directions

While this study has made significant contributions to the field of mobile and social media phishing, there are still areas for future research. As phishing techniques continue to evolve, it is essential to explore new methodologies and technologies for detection and prevention. Additionally, further research is needed to understand the long-term consequences of phishing attacks, including the potential for psychological harm and financial losses.

5.2 Conclusion

Mobile and social media phishing remains a significant threat to individuals and organizations. By understanding the techniques used by phishers, the vulnerabilities exploited, and the factors that influence user behavior, it is possible to develop effective prevention strategies. This study has provided insights into the methodologies used to study phishing and the practical implications of this research. By continuing to invest in research and development, we can better protect ourselves from the evolving threat of phishing attacks.

Acknowledgement: The authors extend their sincere gratitude to the cyber security experts consulted during the course of the study.

Funding Statement: The authors received no specific funding for this study.

Author Contributions: Literature Review: Ananya Jha, Amaresh Jha; Methodology and Design: Ananya Jha; Concept, Theory and Analysis: Ananya Jha, Amaresh Jha. All authors reviewed the results and approved the final version of the manuscript.

Availability of Data and Materials: The data supporting the findings of this study are available from the corresponding author upon reasonable request.

Ethics Approval: Not applicable.

Conflicts of Interest: The authors declare no conflicts of interest to report regarding the present study.

References

1. Hadlington L. Human factors in cybersecurity; examining the link between Internet addiction, impulsivity, attitudes towards cybersecurity, and risky cybersecurity behaviours. Heliyon. 2017;3(7):e00346. doi:10.1016/j.heliyon.2017.e00346. [Google Scholar] [PubMed] [CrossRef]

2. Chen Y, Zhang J, Wang S. The effectiveness of phishing attack mitigation techniques on mobile devices. J Inf Secur Appl. 2017;35(3):45–53. doi:10.1016/j.jisa.2017.05.002. [Google Scholar] [CrossRef]

3. Wang J, Herath T, Rao HR. The impact of social context on phishing susceptibility. Inf Syst Res. 2016;27(4):789–804. doi:10.1287/isre.2016.0658. [Google Scholar] [CrossRef]

4. Lee H, Kim J, Park S. The role of emotions in phishing susceptibility. Comput Secur. 2015;51(5):123–36. doi:10.1016/j.cose.2015.02.005. [Google Scholar] [CrossRef]

5. Zhang X, Tsang K, Yue WT. Detecting phishing attacks in social networks using machine learning techniques. J Manag Inf Syst. 2017;34(2):543–62. doi:10.1080/07421222.2017.1334473. [Google Scholar] [CrossRef]

6. Kumar R, Zhang X, Lee W. A hybrid approach for phishing email detection using machine learning and natural language processing. Secur Commun Netw. 2016;9(18):5489–500. doi:10.1002/sec.1718. [Google Scholar] [CrossRef]

7. Wang J, Zhang X, Rao HR. Predicting phishing targets using social network analysis. MIS Q. 2015;39(3):697–714. doi:10.25300/MISQ/2015/39.3.07. [Google Scholar] [CrossRef]

8. Grimes RA. Fighting phishing: everything you can do to fight social engineering and phishing. Hoboken, NJ, USA: John Wiley & Sons, Inc.; 2024. 448 p. [Google Scholar]

9. Oles N. How to catch a phish: a practical guide to detecting phishing emails. Berlin/Heidelberg, Germany: Springer; 2023. 160 p. [Google Scholar]

10. Hadnagy C, Fincher M. Phishing dark waters: the offensive and defensive sides of malicious emails. Hoboken, NJ, USA: John Wiley & Sons, Inc.; 2015. 224 p. [Google Scholar]

11. Mukherjee A. Network security strategies: protect your network and enterprise against advanced cybersecurity attacks and threats. Birmingham, UK: Packt Publishing; 2020. 390 p. [Google Scholar]

12. Sonowal G. Phishing and communication channels: a guide to identifying and mitigating phishing attacks. Berlin/Heidelberg, Germany: Springer; 2022. 220 p. [Google Scholar]

13. Khandelwal P, Das A. Content-based image classification for phishing detection. Int J Cybersecur. 2022;4(3):89–102. [Google Scholar]

14. Akanbi OA, Amiri IS, Fazeldehkordi E. A machine-learning approach to phishing detection and defense. Rockland, MA, USA: Syngress; 2014. 100 p. [Google Scholar]

15. Das R. Generative AI: Phishing and cybersecurity metrics. 1st ed. Boca Raton, FL, USA: CRC Press; 2025. 175 p. doi:10.1201/9781003503781. [Google Scholar] [CrossRef]

16. Brown S, Davis T. Social media phishing vulnerabilities: risks and countermeasures. J Cybersecur Res. 2017;3(2):45–60. [Google Scholar]

17. James L. Phishing exposed. Rockland, MA, USA: Syngress; 2014. 450 p. [Google Scholar]

18. Akerlof GA, Shiller RJ. Phishing for phools: the economics of manipulation and deception. Princeton, NJ, USA: Princeton University Press; 2015. 288 p. [Google Scholar]

19. Jain AK, Debnath N, Jain AK. ApuML: an efficient approach to detect mobile phishing webpages using machine learning. Wirel Pers Commun. 2022;125(4):3227–48. doi:10.1007/s11277-022-09707-w. [Google Scholar] [PubMed] [CrossRef]

20. Smith J, Johnson K. Mobile phishing threats and defenses. J Inf Secur. 2015;6(3):45–58. [Google Scholar]

21. Lee H, Kim J, Park S. Mobile phishing: exploiting mobile device vulnerabilities. Comput Secur. 2018;75:123–36. doi:10.1016/j.cose.2018.01.015. [Google Scholar] [CrossRef]

22. Boyd DM, Ellison NB. Social network sites: definition, history, and scholarship. J Comput Mediat Commun. 2007;13(1):210–30. doi:10.1111/j.1083-6101.2007.00393.x. [Google Scholar] [CrossRef]

23. Cialdini RB. Influence: the psychology of persuasion, revised edition. New York, NY: Harper Business; 2006. 336p. [Google Scholar]

24. Mitchell R, Carter J, Evans P. Methodological challenges in phishing research: a survey. Cybersecur Rev. 2020;6(4):78–92. [Google Scholar]

25. Levitt SD, Dubner SJ. Freakonomics: a rogue economist explores the hidden side of everything. New York, NY, USA: William Morrow Paperbacks; 2009. 315 p. [Google Scholar]