PHISHING ATTACKS & DEFENSES: A COMPREHENSIVE REVIEW OF MACHINE LEARNING, HUMAN FACTORS, AND ORGANIZATIONAL STRATEGIES
DOI:
https://doi.org/10.34218/IJCET_16_05_001
Keywords:
Phishing, Spear Phishing, Machine Learning, TLS Certificates, Human Factors, Awareness Training, Cybersecurity, Information Security
Abstract
Phishing attacks continue to be one of the most critical and persistent cybersecurity threats in the digital era. They combine technical deception with social engineering to mislead users into disclosing sensitive information such as passwords, credit card numbers, and organizational credentials. The evolution of phishing techniques, including spear phishing, the adoption of HTTPS by phishing sites, and lateral propagation inside organizations, has rendered conventional detection mechanisms inadequate. In response, research has produced innovations spanning three complementary domains: technical defences based on machine learning and certificate analysis, human-centric investigations into susceptibility and awareness training, and organizational approaches addressing policy, economic trade-offs, and lateral threats. This review integrates findings from recent high-impact studies. Technical defences such as support vector machines, logistic regression with mutual-information feature selection, random forests, and TLS certificate analysis achieve very high detection accuracy but remain vulnerable to adversarial adaptation. Human-focused studies reveal that susceptibility to phishing is influenced by contextual relevance and individual motivation and varies unpredictably across users, underscoring the limits of training alone. Organizational research emphasizes spear phishing detection, valuation of information security, and the role of employee information seeking in shaping resilience. By structuring the review chronologically, thematically, and methodologically, this paper provides a panoramic understanding of phishing research. It identifies critical shortcomings, such as the gap between high algorithmic accuracy and real-world deployment, the persistent unpredictability of human behaviour, and the difficulty of quantifying economic incentives for security adoption.
Future work should focus on adversarially robust detection, adaptive awareness strategies, integration of technical and human models, and economic frameworks that motivate investment in phishing defences.
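The abstract names two of the technical defences it surveys, mutual-information feature selection feeding a logistic regression over URL features, and notes that such detectors remain vulnerable to adversarial adaptation. The following is an added, self-contained illustration of that pipeline and of that weakness; it is not code from the paper or from any of the cited studies. The feature set, the constructed URL dataset (all hosts are example/documentation names), and the evasion URL are assumptions chosen for the demonstration, and the learner is a plain gradient-descent logistic regression rather than any particular library's implementation.

```python
"""Lexical phishing-URL detector: mutual-information feature selection, then
logistic regression, then a look at how an attacker adapts to it.
Standard library only; dataset and feature set are constructed for this demo."""
import math
import re
from urllib.parse import urlsplit

# Keyword list is an assumption, typical of URL-based detectors.
SUSPICIOUS_WORDS = ("login", "verify", "secure", "update", "account", "signin", "confirm")


def extract_features(url: str) -> dict:
    """Binary lexical features of the kind used by URL-based phishing classifiers."""
    parts = urlsplit(url)
    host = parts.hostname or ""
    is_ip = bool(re.fullmatch(r"\d{1,3}(\.\d{1,3}){3}", host))
    labels = host.split(".") if host else []
    return {
        "long_url": len(url) > 54,
        "ip_host": is_ip,
        "at_symbol": "@" in url,                 # user@host trick hides the real host
        "hyphen_in_host": "-" in host,
        "many_subdomains": (not is_ip) and len(labels) > 3,
        "no_https": parts.scheme != "https",
        "suspicious_word": any(w in url.lower() for w in SUSPICIOUS_WORDS),
        "digit_in_host": any(c.isdigit() for c in host),
    }


FEATURE_NAMES = list(extract_features("https://example.com/").keys())


def mutual_information(xs, ys):
    """I(X;Y) in bits for a binary feature X and binary label Y (plug-in estimate)."""
    n, mi = len(xs), 0.0
    for x in (False, True):
        px = sum(1 for v in xs if v == x) / n
        for y in (0, 1):
            py = sum(1 for v in ys if v == y) / n
            pxy = sum(1 for a, b in zip(xs, ys) if a == x and b == y) / n
            if pxy > 0:
                mi += pxy * math.log2(pxy / (px * py))
    return mi


def sigmoid(z):
    return 1.0 / (1.0 + math.exp(-z))


def train_logistic_regression(rows, labels, lr=0.5, epochs=5000):
    """Batch gradient descent on the mean logistic loss; returns (weights, bias)."""
    n, d = len(rows), len(rows[0])
    w, b = [0.0] * d, 0.0
    for _ in range(epochs):
        gw, gb = [0.0] * d, 0.0
        for x, y in zip(rows, labels):
            err = sigmoid(sum(wj * xj for wj, xj in zip(w, x)) + b) - y
            for j in range(d):
                gw[j] += err * x[j]
            gb += err
        w = [wj - lr * gj / n for wj, gj in zip(w, gw)]
        b -= lr * gb / n
    return w, b


class PhishingUrlModel:
    def __init__(self, selected, w, b):
        self.selected, self.w, self.b = selected, w, b

    def score(self, url):
        """Probability-like phishing score in (0, 1)."""
        f = extract_features(url)
        z = sum(wj * float(f[nm]) for wj, nm in zip(self.w, self.selected)) + self.b
        return sigmoid(z)


def build_model(urls, labels, k=5):
    """Rank features by mutual information with the label, keep the top k, train."""
    feats = [extract_features(u) for u in urls]
    scores = {nm: mutual_information([f[nm] for f in feats], labels) for nm in FEATURE_NAMES}
    selected = sorted(FEATURE_NAMES, key=lambda nm: scores[nm], reverse=True)[:k]
    rows = [[float(f[nm]) for nm in selected] for f in feats]
    w, b = train_logistic_regression(rows, labels)
    return PhishingUrlModel(selected, w, b), scores


# Constructed training data (label 1 = phishing, 0 = benign); not a real corpus.
URLS = [
    "http://192.168.4.22/secure/login.php",
    "http://paypal.com.account-verify.example.net/signin",
    "https://secure-update.bankofexample.co/confirm?id=7731",
    "http://login.example-bank.com@203.0.113.9/verify",
    "http://mail.service.update.login.example-host.info/account",
    "https://www.example-secure-login.net/u/1234/verify",
    "http://account.verify.example.org/",
    "http://evil-host.example/wp-content/update/index.html",
    "https://www.example.com/",
    "https://docs.example.org/guide/getting-started",
    "https://example.net/blog/2024/03/release-notes",
    "https://shop.example.com/products?category=shoes",
    "https://www.example.edu/research/papers",
    "https://mail.example.com/inbox",
    "https://cdn.example.org/assets/app.js",
    "https://www.example.com/help/articles/how-to-reset-your-password-and-recover",
    "https://accounts.example.com/login",
    "https://api.v2.example.com/status",
]
LABELS = [1] * 8 + [0] * 10

MODEL, MI_SCORES = build_model(URLS, LABELS)

if __name__ == "__main__":
    print("selected features:", MODEL.selected)
    original = "http://192.168.4.22/secure/login.php"
    # Attacker adaptation: HTTPS, registered domain, no keyword in the URL.
    evasion = "https://example-support.net/session"
    print(f"{original}: {MODEL.score(original):.3f}")
    print(f"{evasion}: {MODEL.score(evasion):.3f}")
```

The evasion URL at the end shows the caveat the abstract raises: every feature the selector found informative (plain HTTP, an IP host, a keyword in the path) is under the attacker's control, so a phishing page served over HTTPS on a freshly registered domain with a neutral path drops well below the score of the original URL without any change to the page it delivers. Against that adaptation the model has learned nothing, which is why the review pairs these detectors with certificate-level and human-factor evidence.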
References
Shombot, E. S., Dusserre, G., Bestak, R., & Ahmed, N. B. (2024). An application for predicting phishing attacks: A case of implementing a support vector machine learning model. Cyber Security and Applications, 2, 100036.
Steves, M., Greene, K., & Theofanos, M. (2020). Categorizing human phishing difficulty: A Phish Scale. Journal of Cybersecurity, 6(1), tyaa009.
Bhadane, A., & Mane, S. B. (2019). Detecting lateral spear phishing attacks in organizations. IET Information Security.
Williams, E. J., & Joinson, A. N. (2020). Developing a measure of information seeking about phishing. Journal of Cybersecurity, 6(1), tyaa001.
Gowda, M., Adithya, M., Prasad, G., & Vinay, S. (2020). Development of anti-phishing browser based on random forest and rule of extraction framework. Cybersecurity, 3(20).
Sakurai, Y., Watanabe, T., Okuda, T., Akiyama, M., & Mori, T. (2021). Identifying phishing websites using patterns of TLS certificates. Journal of Cyber Security & Mobility.
Mohammad, R. M. A., McCluskey, T. L., & Thabtah, F. (2013). Intelligent rule-based phishing websites classification. IET Information Security.
Vajrobol, V., Gupta, B. B., & Gaurav, A. (2024). Mutual information based logistic regression for phishing URL detection. Cyber Security and Applications, 2, 100044.
Sommestad, T., & Karlzen, H. (2024). The unpredictability of phishing susceptibility: Results from a repeated measures experiment. Journal of Cybersecurity.
Nguyen, K. D., Rosoff, H., & John, R. S. (2017). Valuing information security from a phishing attack. Journal of Cybersecurity, 3(3), 159-171.
License
Copyright (c) 2025 Ayan Chaudhuri (Author)

This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.