@article{Kytidou_IDT_2025,
    author         = {Eleni Kytidou and Theodosia Tsikriki and George Drosatos and Konstantinos Rantos},
    title          = {Machine learning techniques for phishing detection: {A} review of methods, challenges, and future directions},
    keywords       = {Phishing Detection, Machine Learning, Feature Engineering, Phishing Datasets, Adversarial Robustness},
    journal        = {Intelligent Decision Technologies},
    volume         = {19},
    year           = {2025},
    number         = {6},
    pages          = {4356-4379},
    url            = {https://doi.org/10.1177/18724981251366763},
    issn           = {1872-4981},
    doi            = {10.1177/18724981251366763},
    publisher      = {Sage \& IOS Press},
    abstract       = {Phishing remains a persistent and evolving cybersecurity challenge, leveraging deception to manipulate users into disclosing confidential information. Traditional detection techniques, such as blacklists and heuristic-based methods, struggle to keep pace with sophisticated phishing attacks that continuously adapt to evade detection. In response, machine learning (ML) and deep learning (DL) have emerged as effective solutions, utilizing structured data such as URL composition, webpage content, and domain characteristics to enhance phishing detection accuracy. This paper presents a broad narrative review of ML-driven phishing detection approaches, covering supervised learning, deep learning architectures, large language models (LLMs), ensemble models, and hybrid frameworks. It also reviews feature engineering methods and publicly available datasets, noting common limitations in representational coverage, class balance, and reproducibility. We identify key challenges in phishing detection, including adversarial attacks, dataset biases, real-time adaptability issues, and computational limitations. Finally, we outline actionable future research directions, including the development of adaptive detection systems, continual learning benchmarks, LLM-based hybrid models, and cross-platform intelligence sharing. By addressing these challenges and promoting ML-based methodologies, this review aims to provide insights that will lead to future innovations in phishing detection approaches.}
}