Volume 14, Number 5

A Comprehensive Survey of Phishing Attacks and Defences: Human Factors, Training and the Role of Emotions


Mousa Jari, Newcastle University, UK & King Saud University, Saudi Arabia


Phishing is a sort of cybercrime as well as a security risk that enables ('phishers') to trick, manipulate, and deceive users into divulging and revealing confidential and sensitive information. Typically, attackers aim to influence and manipulate victims' psyche and emotions. The growing threat of phishing has made it desirable to investigate, and significant research has been undertaken on this matter. This paper explores the human and emotional factors that have been reported in previous studies to be significant in phishing victimization. In addition, we compare what security organizations and researchers have highlighted and emphasised in terms of phishing types and categories as well as training in tackling the problem, in a literature review which takes into account all major credible and published sources.


Phishing, emotion, information, victimization, training.