Phishing, defined as the fraudulent endeavor to acquire sensitive information by impersonating a reputable entity in digital communication, remains a prevalent form of cyber attack. Its success is often attributed to users’ lack of awareness of vulnerabilities or their inability to grasp the associated risks. This article offers a systematic literature review aimed at providing a comprehensive overview of the key research conducted on human factors and phishing.
Through an analysis of the collected publications, this review paints a comprehensive picture of how human factors should be taken into account when devising defenses against phishing attacks. It delves into the research questions addressed in the systematic literature review, shedding light on the critical insights gleaned from existing studies. Additionally, the article points out potential avenues for future research in this domain.