Fifteen years of phishing: can technology save us?

  title={Fifteen years of phishing: can technology save us?},
  author={Steven Furnell and Kieran Millet and Maria Papadaki},
  journal={Computer Fraud \& Security},
With the first incidents dating back to 2003, phishing has now been a problem for over a decade and a half. Unfortunately, just like malware, it's proven to be the cyber security equivalent of an unwanted genie that we can't put back in the bottle. Despite many efforts to educate users and provide safeguards, people are still falling victim. Although it is a long-established threat, phishing continues to grow and represents a significant issue for individuals and organisations. Steven Furnell… Expand
6 Citations
Assessment of End-User Susceptibility to Cybersecurity Threats in Saudi Arabia by Simulating Phishing Attacks
This study focuses on evaluating the level of cybersecurity knowledge and cyber awareness in Saudi Arabia by assessing end-user susceptibility through three phishing attack simulations and discusses the tools and techniques associated with each attack simulation. Expand
When believing in technology leads to poor cyber security: Development of a trust in technical controls scale
Results suggest that the TTCS is a useful complement to ISA in understanding and predicting certain cyber security behaviours and predicted an individual's ability to detect a phishing email to a similar degree as other factors such as ISA, non-verbal IQ and cognitive impulsivity. Expand
Evaluation of Montenegrin Seafarer's Awareness of Cyber Security
e-mail: Topics on maritime cyber security have undoubtedly been attracting great public attention in recent days. The reasons are rapidly evolving computing technologies andExpand
The human factor: assessing individuals' perceptions related to cybersecurity
Four unique viewpoints emerged such that one represents cybersecurity best practices and the remaining three viewpoints represent poor cybersecurity behaviors that indicate a need for educational interventions within both the public and private sectors. Expand
Introducing the concept of cybersecurity footprint
Purpose This paper aims to introduce the concept of cybersecurity footprint. Design/methodology/approach Characteristics of cybersecurity footprint are presented based on documented cases, and theExpand
An Examination of User Detection of Business Email Compromise Amongst Corporate Professionals
iv Acknowledgements vi List of Tables ix List of Figures x


A Survey of Phishing Email Filtering Techniques
This is the first comprehensive survey to discuss methods of protection against phishing email attacks in detail, and presents an overview of the various techniques presently used to detect phishing emails, at the different stages of attack, mostly focusing on machine-learning techniques. Expand
Examining the effectiveness of phishing filters against DNS based phishing attacks
  • S. Purkait
  • Engineering, Computer Science
  • Inf. Comput. Secur.
  • 2015
This work proposes the inclusion of domain name system server authentication and verification of name servers for a visiting website for all future anti-phishing toolbars and proposes that a Web browser should maintain a white list of websites that engage in online monetary transactions so that when a user requires to access any of these, the default protocol should always be HTTPS. Expand
Handcrafted Fraud and Extortion: Manual Account Hijacking in the Wild
This paper focuses on manual account hijacking---account hijacking performed manually by humans instead of botnets, and describes the details of the hijacking workflow: the attack vectors, the exploitation phase, and post-hijacking remediation. Expand
  • 2019
  • 2019
  • 2018
  • 2015