| Approach | Classification diagram | Mechanism | Contribution | Limitations | Implementation scenario | Technology/algorithms used/tools |
| --- | --- | --- | --- | --- | --- | --- |
| Network-level protection [14] | IP | Internet service providers' database is used | Good attack detection, offender address list is up to date | Rule tuning, message content not verified | DNS | Snort |
| Authentication [15] | Certificates | User, domain, e-mail, and transaction-based authentication based on digital signatures and hashing | Less complexity, no need for cooperation between e-mail domains, enhanced security | Vulnerable to man-in-the-middle attacks, technology constraints | Hotmail, Yahoo, Gmail | PGP, S/MIME |
| Client-side tools [16] | URL | Whitelisting and blacklisting | Only legitimate e-mail is accepted, best for already known phishing websites | High false positive and false negative rates for whitelisting and blacklisting, respectively | Mozilla, Firefox, and Internet Explorer browsers | Netcraft, eBay toolbar, IE phishing filter |
| User education [17] | Social engineering | Online material, online test, and contextual training | Authority, attractive and impressive | False negative | All scenarios | Smart OS |
| Server-side filters and classifiers [18] | Technical maneuvers | Compares multiple classifiers and clustering techniques | Discovers phishing attacks with limited prior knowledge | Time and space tradeoff | Internet browsers | Support vector machines |