Abstract

Phishing remains a pernicious problem for organizations. Phishing attacks are increasing in sophistication, which hinders the ability of cybersecurity functions to effectively defend against them. These attacks are becoming increasingly complex, dynamic, and multifaceted to evade the organizational, individual, and technical countermeasures employed in a cybersecurity ecosystem. Information security (ISec) phishing research and practice have provided an understanding of generalized phishing attacks and their subsequent defense. Yet applying generalized phishing rules in these studies may not be sufficient to understand and defend against escalated forms of phishing. This study seeks to develop a taxonomy of phishing to provide a more nuanced understanding of this phenomenon. This taxonomy may assist ISec research in providing theoretical guidance for understanding and defending against the various forms of phishing.
