One of the most common and costly forms of deception and fraud online is phishing. Due to the ramifications of successfulphishing attacks, security experts and researchers seek to better understand this phenomenon. Prior phishing research hasaddressed the “bait” and “hook” components of phishing attacks, the human-computer interaction that takes place as usersjudge the veracity of phishing emails and websites, and the development of technologies that can aid users in identifying andrejecting these attacks. Despite the extant research on this topic, phishing attacks continue to be successful as tactics evolve,rendering existing research less relevant. Although numerous tools have been created to aid people in recognizing phishingattacks, users disregard the recommendations of these tools. This paper summarizes the core of phishing research, providesan update on trending attack methods, and proposes future research addressing computer credibility in a phishing context.
Proudfoot, Jeffrey Gainer; Giboney, Justin Scott; Schuetzler, Ryan M.; and Durcikova, Alexandra, "Trends in Phishing Attacks: Suggestions for Future Research" (2011). AMCIS 2011 Proceedings - All Submissions. Paper 424.