Analiza bibliometryczna phishingu

Patryk Król

doi:10.26354/bb.3.4.101.2025

Published: 2026-02-18

Vol. 101 No. 4 (2025)

Bibliometric analysis of phishing

Patryk Król

Section: Problems and Opinions

https://doi.org/10.26354/bb.3.4.101.2025

Abstract

Purpose: This article presents a comprehensive bibliometric analysis of scientific literature on phishing with particular emphasis on the banking and financial sector, aiming to identify key research trends, influential authors, and prospective development directions in the period 2003-2024.

Methodology: The study employs the bibliometrix tool and Web of Science database data comprising 4,245 documents from 2,355 sources. The analysis is characterized by an annual publication growth rate of 16.35% with an average of 13.73 citations per document. The corpus contains publications by 11,755 authors with 91,018 references, reflecting the multidisciplinary nature of the research field.

Results: IEEE Access dominates with 135 publications, while Computers & Security ranks second with 104 publications. Carnegie Mellon University leads among institutions with 75 publications. The analysis reveals evolution from traditional defense methods (2006-2015) toward artificial intelligence and blockchain technologies (2020-2024). The most frequently cited publications are works by Jagatic et al. (2007) - 540 citations and Anderson (2006) - 385 citations. Identification of two main thematic clusters indicates a dichotomy between security research and detection methods based on modeling.

Conclusions: Phishing research in the financial sector is characterized by intensive development with a paradigm shift toward personalized detection systems utilizing machine learning. Future directions include interdisciplinary research combining technical with behavioral aspects and application of blockchain technology in identity verification systems.

Keywords:

phishing , cybersecurity , banking sector , bibliometric analysis , machine learning , blockchain , financial security

JEL Codes

G21, G28, O33, C80

Download files

pdf (Język Polski) ENG_pdf

Citation rules

Król, P. (2026). Bibliometric analysis of phishing. Safe Bank, 101(4), 48–63. https://doi.org/10.26354/bb.3.4.101.2025

Cited by / Share

Licence

This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.

Most read articles by the same author(s)

Patryk Król, Phishing as the main threat to digital banking security , Safe Bank: Vol. 94 No. 1 (2024)
Patryk Król, Skimming as a threat to mobile banking security , Safe Bank: Vol. 96 No. 3 (2024)
Patryk Król, Ransomware as a threat to the security of critical infrastructure, with a focus on the financial system , Safe Bank: Vol. 98 No. 1 (2025)

References

Abdajabar A., Idbeaa, T. (2024). Cybercrime’s Threat to Financial Institutions During COVID-19. AlQalam Journal of Medical and Applied Sciences, 46–52.
Google Scholar

Anderson R., Moore T. (2006). The economics of information security. Science, 314(5799), 610–613.
Google Scholar

Aria M., Cuccurullo C. (2017). Bibliometrix: An R-tool for comprehensive science mapping ana- lysis. „Journal of Informetrics”, 11(4), 959–975.
Google Scholar

Bakarich K.M., Baranek D. (2020). Something phish-y is going on here: A teaching case on busi- ness email compromise. „Current Issues in Auditing”, 14(1), A1–A9. https://doi.org/10.2308/ ciia-52706
Google Scholar

Basu K. (2018). Markets and manipulation: Time for a paradigm shift? „Journal of Economic Literature”, 56(1), 185–205. https://doi.org/10.1257/jel.20161410
Google Scholar

Bayl-Smith P., Sturman D., Wiggins M. (2020). Cue utilization, phishing feature and phishing email detection, [w:] Financial Cryptography and Data Security, FC 2020 (s. 56–70). Springer. https://doi.org/10.1007/978-3-030-54455-3_5
Google Scholar

Bhatt P., Obaidat M.S., Dangwal G., Das A.K., Wazid M., Sadoun B. (2024). Machine learning-ba- sed security mechanism for detecting phishing attacks, [w:] 2024 International Conference on Communications, Computing, Cybersecurity, and Informatics (CCCI) (s. 1–6). IEEE. https://doi. org/10.1109/CCCI61916.2024.10736460
Google Scholar

Das S., Abbott J., Gopavaram S., Blythe J., Camp L. J. (2020). User-centered risk communication for safer browsing, [w:] International conference on financial cryptography and data security (s. 18–35). Cham: Springer International Publishing. https://doi.org/10.1007/978-3-030- 54455-3_2
Google Scholar

Do N.Q., Selamat A., Krejcar O., Herrera-Viedma E., Fujita H. (2022). Deep learning for phishing detection: Taxonomy, current challenges and future directions. Ieee Access, 10, 36429–36463. https://doi.org/10.1109/ACCESS.2022.3151903
Google Scholar

Donthu N., Kumar S., Mukherjee D., Pandey N., Lim W.M. (2021). How to conduct a bibliome- tric analysis: An overview and guidelines. „Journal of business research”, 133, 285–296.
Google Scholar

Egelman S., Cranor L.F., Hong J. (2008). You’ve been warned: An empirical study of the effecti- veness of web browser phishing warnings. Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, 1065–1074.
Google Scholar

Grier C., Ballard L., Caballero J., Chachra N., Dietrich C.J., Levchenko K., …, Voelker G.M. (2010). Manufacturing compromise: The emergence of exploit-as-a-service. Proceedings of the 17th ACM Conference on Computer and Communications Security, 821–832. https://doi. org/10.1145/1866307.1866311
Google Scholar

Herley C., Florêncio D. (2010). Nobody sells gold for the price of silver: Dishonesty, uncertainty and the underground economy, [w:] Economics of Information Security and Privacy (s. 33–53). Springer. https://doi.org/10.1007/978-1-4419-6967-5_3
Google Scholar

Hong J. (2012). The state of phishing attacks. Communications of the ACM, 55(1), 74–81. https://doi.org/10.1145/2063176.2063197
Google Scholar

Hornuf L., Kück T., Schwienbacher A. (2022). Initial coin offerings, information disclosure, and fraud. „Small Business Economics”, 58(4), 1741–1759. https://doi.org/10.1007/s11187- 021-00471-y
Google Scholar

Jagatic T.N., Johnson N.A., Jakobsson M., Menczer F. (2007). Social phishing. „Communications of the ACM”, 50(10), 94–100. https://doi.org/10.1145/1290958.1290968
Google Scholar

Khonji M., Iraqi Y., Jones A. (2013). Phishing detection: A literature survey. IEEE Communications Surveys i Tutorials, 15(4), 2091–2121. https://doi.org/10.1109/SURV.2013.032213.00009
Google Scholar

Król P. (2024). Phishing jako zagrożenie dla bezpieczeństwa bankowości cyfrowej. „Bezpieczny Bank”, 94(1), 25–42. https://doi.org/10.26354/bb.2.1.94.2024
Google Scholar

Krombholz K., Hobel H., Huber M., Weippl E. (2015). Advanced social engineering attacks.
Google Scholar

„Journal of Information Security and Applications”, 22, 113–122. https://doi.org/10.1016/j. jisa.2014.09.005
Google Scholar

Mutlutürk M., Metin B. (2023). Mapping The Phishing Attacks Research Landscape: A Biblio- metric Analysis And Taxonomy. „J. Theor. Appl. Inf. Technol”, 101, 6758–6780.
Google Scholar

Mutlutürk M., Wynn M., Metin B. (2024). Phishing and the Human Factor: Insights from a Bi- bliometric Analysis. „Information”, 15(10), 643. https://doi.org/10.3390/info15100643
Google Scholar

Mwavali A. (2024). Combating phishing in Kenya: A supervised learning model for enhanced email security in Kenyan financial institutions. „International Journal of Technology and Sys- tems”, 9(4), 23–36.
Google Scholar

Nwafor K.C., Ikudabo A.O., Onyeje C.C., Ihenacho D.O.T. (2024). Mitigating cybersecurity risks in financial institutions: The role of AI and data analytics. „International Journal of Science and Research Archive”, 13(01), 2895–2910.
Google Scholar

O’Leary D.E. (2019). What phishing e-mails reveal: An exploratory analysis of phishing at- tempts using text analysis. „Journal of Information Systems”, 33(3), 285–307. https://doi. org/10.2308/isys-52481
Google Scholar

Olifer D., Goranin N., Kaceniauskas A., Cenys A. (2017). Controls-based approach for evaluation of information security standards implementation costs. „Technological and Economic Deve- lopment of Economy”, 23(1), 196–219. https://doi.org/10.3846/20294913.2017.1280558
Google Scholar

Olowu O., Adeleye A.O., Omokanye A.O., Ajayi A.M., Adepoju A.O., Omole O.M., Chianumba E.C. (2024). AI-driven fraud detection in banking: A systematic review of data science approaches to enhancing cybersecurity. „Advanced Research and Review”, 21(2), 227–237.
Google Scholar

Perwej Y., Abbas S.Q., Dixit J.P., Akhtar N., Jaiswal A.K. (2021). A systematic literature review on the cyber security. „International Journal of scientific research and management{, 9(12), 669–710.
Google Scholar

Sahingoz O.K., Buber E., Demir O., Diri B. (2019). Machine learning based phishing detection from URLs. „Expert Systems with Applications{, 117, 345–357. https://doi.org/10.1016/ j.eswa.2018.09.029
Google Scholar

Sheng S., Holbrook M., Kumaraguru P., Cranor L.F., Downs J. (2010). Who falls for phish? A de- mographic analysis of phishing susceptibility and effectiveness of interventions. „Proceedings of the SIGCHI Conference on Human Factors in Computing Systems”, 373–382.
Google Scholar

Shkarlet S., Dubyna M., Zhuk O. (2018). Determinants of the financial services market functio- ning in the era of the informational economy development. „Baltic Journal of Economic Stu- dies”, 4(3), 349–357. https://doi.org/10.30525/2256-0742/2018-4-3-349-357
Google Scholar

Taylor-Jackson J., McAlaney J., Ashenden D., Dale J. (2020). Incorporating psychology into cy- ber security education: A pedagogical approach, [w:] Financial Cryptography and Data Securi- ty, FC 2020 (s. 207–217). Springer. https://doi.org/10.1007/978-3-030-54455-3_15
Google Scholar

Villanueva J., Sebastian J., Dextre J. (2024, July). Web Portal Validation Model by Digital Signa- ture and ISO 27002 to Reduce Private Credentials Theft for Phishing Attacks to Financial Sector Customers, [w:] 2024 International Conference on Electrical, Computer and Energy Technolo- gies (ICECET) (s. 1–5). IEEE.
Google Scholar

Xiang G., Hong J., Rose C.P., Cranor L. (2011). CANTINA+: A feature-rich machine learning fra- mework for detecting phishing web sites. „ACM Transactions on Information and System Secu- rity”, 14(2), 1–28. https://doi.org/10.1145/2019599.2019606
Google Scholar

Yuspin W., Putri A.O., Fauzie A., Pitaksantayothin J. (2024). Digital Banking Security: Internet Phishing Attacks, Analysis and Prevention of Fraudulent Activities. „International Journal of Safety & Security Engineering”, 14(6).
Google Scholar

Zhuo S., Biddle R., Koh Y.S., Lottridge D., Russello G. (2023). SoK: Human-centered phishing susceptibility. „ACM Transactions on Privacy and Security”, 26(3), 1–27.
Google Scholar

Vol. 101 No. 4 (2025)
Published: 2026-02-18

ISSN: 1429-2939

eISSN: 2544-7068

10.26354

Publisher

Bankowy Fundusz Gwarancyjny

Licence CC

This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.

Submit

-->