# AI in phishing detection: a bibliometric review

**Authors:** Daniela Popescul, Laura Diana Radu

PMC · DOI: 10.3389/frai.2025.1496580 · Frontiers in Artificial Intelligence · 2025-10-23

## TL;DR

This paper reviews how artificial intelligence has been used to detect phishing attacks, showing trends and key themes in the field from 2016 to 2024.

## Contribution

The study provides a comprehensive bibliometric analysis of AI in phishing detection, highlighting trends and thematic evolution.

## Key findings

- AI and ML have been increasingly used for phishing detection since 2016.
- Recent trends show a shift from classical ML to deep learning and hybrid models.
- Feature selection and engineering are emphasized in modern phishing detection methods.

## Abstract

Phishing represents a category of cyber-attacks based on social engineering, with a significant impact on individuals and organizations, and a high capacity for reinvention by adapting its modus operandi according to technological advancements. With a relatively simple scenario and without using sophisticated technologies, phishing attacks exploit user vulnerabilities, convincing them to disclose sensitive personal or organizational data. Within anti-phishing solutions, the detection of spoofed URLs, counterfeit websites, and email or other types of messages that lure the user into entering their data in a form, plays an important role. Against this backdrop, artificial intelligence (AI) technologies, particularly Machine Learning (ML), have been successfully employed in phishing detection, with a rich body of literature in this field.

A review of the existing literature on phishing detection using AI was conducted. This study aims to fill this gap by providing comprehensive bibliometric analysis, complementing existing surveys in the field, focusing on the role of AI in phishing detection.

A total of 1096 documents focusing on AI, ML, Deep Learning (DL), or Natural Language Processing (NLP) in phishing detection were extracted from the Web of Science (WoS) scientific database. The information from these documents was subsequently loaded into the Biblioshiny (Bibliometrix package) and VOSviewer software.

The dataset allowed for the identification of publication trends, influential documents and publications, patterns of author collaboration, and key topics of interest within the main author clusters. A thematic analysis of the field highlighted driving themes, niche themes, emerging and declining themes, and basic themes. Furthermore, thematic evolution over time was examined based on authors’ keywords. A thorough review of the most relevant articles identified through bibliometric analysis was conducted to discuss the primary methods of phishing detection using AI.

The research field of AI in phishing detection has evolved significantly starting with 2016, with a focus on using ML algorithms to identify phishing websites by extracting discriminative features, and experienced a consistent growth in 2024. Recent work emphasizes a shift from classical ML to DL, the importance of feature selection and engineering, and the use of hybrid models and classifier stacking.

## Full-text entities

- **Diseases:** AI (MESH:C538142), DL (MESH:D007859), XAI (MESH:C538243), LSTM (MESH:D000088562)
- **Species:** Viruses (acellular root) [taxon 10239], Homo sapiens (human, species) [taxon 9606]

## Full text

_Full body text omitted from this summary view._ Fetch the complete paper as Markdown: https://tomesphere.com/paper/PMC12589022/full.md

## Figures

12 figures with captions in the complete paper: https://tomesphere.com/paper/PMC12589022/full.md

## References

94 references — full list in the complete paper: https://tomesphere.com/paper/PMC12589022/full.md

---
Source: https://tomesphere.com/paper/PMC12589022