Phishing environments, techniques, and countermeasures: A survey

Ahmed Aleroud, Lina Zhou

Research output: Contribution to journalReview articlepeer-review

123 Scopus citations


Phishing has become an increasing threat in online space, largely driven by the evolving web, mobile, and social networking technologies. Previous phishing taxonomies have mainly focused on the underlying mechanisms of phishing but ignored the emerging attacking techniques, targeted environments, and countermeasures for mitigating new phishing types. This survey investigates phishing attacks and anti-phishing techniques developed not only in traditional environments such as e-mails and websites, but also in new environments such as mobile and social networking sites. Taking an integrated view of phishing, we propose a taxonomy that involves attacking techniques, countermeasures, targeted environments and communication media. The taxonomy will not only provide guidance for the design of effective techniques for phishing detection and prevention in various types of environments, but also facilitate practitioners in evaluating and selecting tools, methods, and features for handling specific types of phishing problems.

Original languageEnglish (US)
Pages (from-to)160-196
Number of pages37
JournalComputers and Security
StatePublished - Jul 1 2017
Externally publishedYes


  • Honeypots
  • Mobile phishing
  • Ontology
  • Phishing
  • Phishing detection
  • Social engineering
  • Social networks phishing

ASJC Scopus subject areas

  • Computer Science(all)
  • Law


Dive into the research topics of 'Phishing environments, techniques, and countermeasures: A survey'. Together they form a unique fingerprint.

Cite this