|Williams and Li (2017), Afroz and Greenstadt (2011)||Detect and block the phishing web sites manually in time.||
• Most of the internet users do not have the knowledge to identify a phishing webpage in real-time.|
• Even trained people fall into the attack because people tend to forget to check the website’s legitimacy while they are busy with their work.
• Security awareness training is not continuous.
|Ma et al. (2009), Mao et al. (2017), Futai et al. (2016)||Detection based on URL and Content of Websites.||
• They lack in new website URL detection|
• These methods are not accurate and they tend to modest false-negative rate.
|Roy et al. (2013), Pandey and Ravi (2013)||Block the phishing E-mails by various spam filter software||
• These spam filters tend to block genuine messages.|
• They fail to detect these attacks apart from email-threads.
|Hu et al. (2016), Wu et al. (2019)||Server-side Detection||
• Users will receive delayed responses from servers about the authenticity of the website.|
• They underperform in slow internet connections.
|Armano et al. (2016), Marchal et al. (2017)||Client-side Detection||
• These software’s signature-based security controls are proving less and less effective as years pass by. For example, these solutions are not particularly good at identifying file-less malware.|
• They utilize a lot of memory.
|Mei et al. (2016)||Other Detection methods||• It is not effective on pages that are not visited previously and websites should be maintained by constantly updating to preserve better accuracy.|