International Research Journal of Innovations in Engineering and Technology - IRJIET International Open Access, Monthly, Peer Reviewed, Reputed Journal ISSN (online): 2581-3048

Impact Factor (2025): 6.9

DOI Prefix: 10.47001/IRJIET

Phishing Detection Methods: A Taxonomy, Comparative Study, and Research Outlook

Abstract

Phishing is still a common and advanced cybersecurity threat that compromises sensitive data by taking advantage of system and human flaws. Anti-phishing tools, heuristic approaches, machine learning-based strategies, and metaheuristic algorithms are the four categories into which this research methodically evaluates and divides phishing detection methods. Every technique is evaluated rigorously for efficacy, pointing out its advantages and disadvantages. In addition to addressing shortcomings like managing zero-day phishing assaults and scalability in big datasets, the paper highlights notable developments in phishing detection, such as the use of hybrid approaches and real-time detection algorithms. The results encourage the creation of more reliable, flexible, and effective solutions and offer a roadmap for further study.

Country : Kenya

1 Stephen Ngure Gitonga2 Preston Jeremiah Simiyu

  1. Department of Information Technology, Masinde Muliro University of Science and Technology, Kenya
  2. Department of Information Technology, Masinde Muliro University of Science and Technology, Kenya

IRJIET, Volume 10, Issue 2, February 2026 pp. 14-18

doi.org/10.47001/IRJIET/2026.102003

Full Paper
Download

References

  1. M. Abdolrazzagh-Nezhad and N. Langari, “Phishing Detection Techniques: A Review,” Data Science: Journal of Computing and Applied Informatics, vol. 9, no. 1, Jan. 2025. [Online]. Available: https://doi.org/10.32734/jocai.v9.i1-19904
  2. T. Ige, C. Kiekintveld, A. Piplai, A. Waggler, O. Kolade, and B. H. Matti, “An Investigation into the Performances of the Current State-of-the-Art Naïve Bayes, Non-Bayesian and Deep Learning Based Classifiers for Phishing Detection: A Survey,” arXiv preprint arXiv:2411.16751, Nov. 2024. [Online]. Available: https://arxiv.org/abs/2411.16751
  3. N. Altwaijry, H. A. Jalab, A. A. Younis, and R. S. Ahmad, “Detecting Phishing Emails Using 1D-CNN and Recurrent Neural Networks,” Computers, Materials & Continua, vol. 75, no. 3, pp. 5733–5748, 2023.
  4. M. R. Islam, M. M. Islam, and M. S. Uddin, “PhishGuard: An Ensemble Machine Learning Approach for Effective Phishing Website Detection,” Security and Privacy, vol. 6, no. 1, e150, 2023.
  5. M. Fajar, A. Al-Dahoud, and T. Ahmed, “Explainable Boosting Machines vs. CatBoost and XGBoost for Phishing URL Detection,” Journal of Intelligent Systems, vol. 33, no. 4, pp. 1043–1059, 2023.
  6. M. Hossain, T. Sultana, and R. Rahman, “Comparative Analysis of Anti-Phishing Tools in Modern Browsers,” IEEE Access, vol. 11, pp. 45231–45245, 2023.
  7. W. Liu, X. Deng, G. Huang, and A. Y. Fu, “PhishZoo: Detecting Phishing Websites by Visual Similarity,” IEEE Trans. Dependable Secure Comput., vol. 12, no. 6, pp. 626–639, Nov.–Dec. 2021.
  8. S. Sheng, B. Magnien, P. Kumaraguru, A. Acquisti, L. Cranor, J. Hong, and E. Nunge, “Anti-Phishing Phil: The Design and Evaluation of a Game That Teaches People Not to Fall for Phish,” Proc. 3rd Symp. Usable Privacy and Security (SOUPS), pp. 88–99, 2020.
  9. A.Mohamed, Y. Singh, and S. Rao, “Survey of Cloud-Based Anti-Phishing Solutions for Enterprise Environments,” J. Netw. Comput. Appl., vol. 210, p. 103589, 2023.
  10. A.Sharma and D. Goyal, “Advanced Email Security Using NLP-Based Phishing Detection in Cloud Platforms,” IEEE Trans. Cloud Comput., early access, doi: 10.1109/TCC.2023.3291211.
  11. M. Aburrous, M. Hossain, K. Dahal, and F. Thabtah, “Intelligent phishing detection system for e-banking using fuzzy data mining,” Expert Systems with Applications, vol. 37, no. 12, pp. 7913–7921, Dec. 2010.
  12. R. Verma and K. Dyer, “On the character of phishing URLs: Accurate and robust statistical learning classifiers,” Proceedings of the 5th ACM Conference on Data and Application Security and Privacy, 2015, pp. 111–122.
  13. M. Chandrasekaran, R. Chinchani, and S. Upadhyaya, “Phishing email detection based on structural properties,” New York State Cyber Security Conference, 2006.
  14. H. A. Mahmood and S. Khan, “A survey on phishing detection using data mining and machine learning techniques,” International Journal of Advanced Computer Science and Applications (IJACSA), vol. 9, no. 10, 2018.
  15. S. Garera, N. Provos, M. Chew, and A. D. Rubin, “A framework for detection and measurement of phishing attacks,” Proceedings of the 2007 ACM Workshop on Recurring Malcode (WORM), pp. 1–8.
  16. T. Basnet, M. Sung, and K. Sung, “Phishing email detection by hybrid features and random forest classifier,” 2012 IEEE International Conference on Information Science and Applications, 2012.
  17. Y. Zhang, J. Hong, and L. Cranor, “CANTINA: A content-based approach to detecting phishing web sites,” Proceedings of the 16th International Conference on World Wide Web, 2007, pp. 639–648.
  18. S. Marchal, J. Francois, R. State, and T. Engel, “PhishStorm: Detecting phishing with streaming analytics,” IEEE Transactions on Network and Service Management, vol. 14, no. 3, pp. 688–702, 2017.
  19. J. Sahoo, I. S. Mohapatra, and J. P. Mohanty, “A comprehensive study on phishing attacks,” International Journal of Computer Applications, vol. 69, no. 17, 2013.
  20. K. Thomas, D. Y. Huang, D. Wang, and J. R. Mayer, “Framing phishing: An empirical examination of framing effects on phishing detection behavior,” IEEE Symposium on Security and Privacy (SP), 2018.
  21. A.Jain and B. B. Gupta, “Phishing detection: Analysis of visual similarity-based approaches,” Security and Privacy, vol. 1, no. 1, pp. 1–14, 2018.
  22. L. Liu, Y. Wang, and H. Zhang, “URLNet: Learning a URL representation with deep learning for malicious URL detection,” Proceedings of the 2018 ACM SIGKDD Conference, pp. 1950–1959, 2018.
  23. N. Abdelhamid, A. Ayesh, and F. Thabtah, “Phishing detection: A recent intelligent machine learning comparison based on models, methods and features,” Computers & Security, vol. 91, pp. 101708, 2020.
  24. B. Moghimi and M. Varjani, “New rule-based phishing detection method for emails,” Journal of Information Security and Applications, vol. 20, pp. 39–49, 2015.

Copyright @ 2026-2017 IRJIET. All Right Reserved.

Developed by Byzero Technologies