There are a large number of literature available in phishing detection methodologies for computer devices (See 7 for a comprehensive survey). Concerning phishing detection on mobile devices: Authors in 8 present an assessment of the available phishing protection techniques in Android and IOS web browsers, comparing the protection they offer with their desktop counterparts and analysing the significant gap between the two.Hossain, Tulin Klintic and Victor in 9, propose a phishing detection taxonomy for mobile environment, endeavoring to delineate and discuss every single conceivable situation of phishing assaults and related countermeasures too. Leaving aside all possible attacks related to very specific vectors (e.g.Bluetooth, Smishing and Vishing), the paper emphasizes the lack of solutions dedicated to mobile devices other than black/white lists.
A risk assessment on mobile platforms has been proposed in 10, where a study conducted on 85 web sites and 100 mobile applications discovered that web sites and applications regularly ask users to type their passwords into contexts that are vulnerable to spoofing. The implementation of sample phishing attacks on the Android and IOS platforms demonstrated that attackers can spoof legitimate applications with high accuracy, suggesting that the risk of phishing attacks on mobile platforms is greater than it has previously been appreciated.
