"Modern identity theft techniques: An overview of attack and defense tools, a systematic review"

Authors

  • Marisol Cruz Universidad Nacional de Trujillo.

DOI:

https://doi.org/10.32870/recibe.v14i1.386

Keywords:

phishing, protección de datos, robo, identidad, digital

Abstract

Identity theft in the digital age represents a challenge that requires our immediate attention. The objective of this article is to analyze the attack and defense techniques used to commit and prevent these crimes. The PRISMA 2020 methodology was used to carry out a systematic review in databases such as Scopus and Science Direct, with studies from the last five years. The results obtained are that phishing is positioned as one of the most recurrent attack techniques, along with malware, man-in-the-middle attacks and Social Engineering. To reduce these threats, defenses such as multifactor authentication, the use of artificial intelligence for fraud identification and information encryption are identified. In addition, the research highlights the need to update the development of cybersecurity technologies due to the constant adaptation of cybercriminals to adjust to new security strategies. Finally, it is important to train users and entities on the best security practices, which is vital to develop more efficient strategies to protect their digital identity in a constantly developing digital environment.

References

Abdulla, Q. Z., & Al-Hassani, M. D. (2023). Robust Password Encryption Technique with an Extra Security Layer. Iraqi Journal Of Science, 1477-1486. https://doi.org/10.24996/ijs.2023.64.3.36

Afzal, S., Asim, M., Beg, M. O., Baker, T., Awad, A. I., & Shamim, N. (2024). Context-aware embeddings for robust multiclass fraudulent URL detection in online social platforms. Computers & Electrical Engineering: An International Journal, 119(109494), 109494. https://doi.org/10.1016/j.compeleceng.2024.109494

Albalawi, N., Alamrani, N., Aloufi, R., Albalawi, M., Aljaedi, A., & Alharbi, A. R. (2023). The Reality of Internet Infrastructure and Services Defacement: A Second Look at Characterizing Web-Based Vulnerabilities. Electronics, 12(12), 2664. https://doi.org/10.3390/electronics12122664

Alhelaly, Y., Dhillon, G., & Oliveira, T. (2023). When expectation fails and motivation prevails: the mediating role of awareness in bridging the expectancy-capability gap in mobile identity protection. Computers & Security, 134(103470), 103470. https://doi.org/10.1016/j.cose.2023.103470

AlQadheeb, A., Bhattacharyya, S., & Perl, S. (2022). Enhancing cybersecurity by generating user-specific security policy through the formal modeling of user behavior. Array (New York, N.Y.), 14(100146), 100146. https://doi.org/10.1016/j.array.2022.100146

Barquero, W. G. (2022). ANALISIS DE PRISMA COMO METODOLOGÍA PARA REVISIÓN SISTEMÁTICA: UNA APROXIMACIÓN GENERAL. Saúde Em Redes, 8(sup1), 339–360. https://doi.org/10.18310/2446-4813.2022v8nsup1p339-360

Bera, D., Ogbanufe, O., & Kim, D. J. (2023). Towards a thematic dimensional framework of online fraud: An exploration of fraudulent email attack tactics and intentions. Decision Support Systems, 171, 113977. https://doi.org/10.1016/j.dss.2023.113977

Bojjagani, S., Brabin, D. R. D., & Rao, P. V. V. (2020). PhishPreventer: A secure authentication protocol for prevention of phishing attacks in mobile environment with formal verification. Procedia Computer Science, 171, 1110–1119. https://doi.org/10.1016/j.procs.2020.04.119

Burnes, D., DeLiema, M., & Langton, L. (2020). Risk and protective factors of identity theft victimization in the United States. Preventive Medicine Reports, 17(101058), 101058. https://doi.org/10.1016/j.pmedr.2020.101058

Careja, A.-C., & Tapus, N. (2023). Digital identity using blockchain technology. Procedia Computer Science, 221, 1074–1082. https://doi.org/10.1016/j.procs.2023.08.090

Ejaz, A., Mian, A. N., & Manzoor, S. (2023). Life-long phishing attack detection using continual learning. Scientific Reports, 13(1). https://doi.org/10.1038/s41598-023-37552-9

Guzmán-Cedillo, L. A., Varela-Castro, W. H., & Briceño-Santacruz, M. de los A. (2020). Ciberseguridad 4.0: Factores que propician el delito de robo de identidad digital por medios informáticos. Repositorio De La Red Internacional De Investigadores En Competitividad, 13, 658–677. Recuperado a partir de https://www.riico.net/index.php/riico/article/view/1818

Hernández Dominguez, A., & Baluja García, W. (2021). Main mechanisms for dealing with phishing in data networks. Revista Cubana de Ciencias Informáticas, 15(4s1), 1-15. http://scielo.sld.cu/pdf/rcci/v15n4s1/2227-1899-rcci-15-04-s1-413.pdf

Kampourakis, V., Kambourakis, G., Chatzoglou, E., & Zaroliagis, C. (2022). Revisiting man-in-the-middle attacks against HTTPS. Network Security, 2022(3). https://doi.org/10.12968/s1353-4858(22)70028-1

Kothamasu, G. A., Venkata, S. K. A., Pemmasani, Y., & Mathi, S. (2023). An Investigation on Vulnerability Analysis of Phishing Attacks and Countermeasures. International Journal Of Safety And Security Engineering, 13(2), 333-340. https://doi.org/10.18280/ijsse.130215

Marín, V. I. (2022). La revisión sistemática en la investigación en Tecnología Educativa: observaciones y consejos. RiiTE Revista interuniversitaria de investigación en Tecnología Educativa, 13, 62–79. https://doi.org/10.6018/riite.533231

Minu, R. I., Nagarajan, G., Munshi, A., Venkatachalam, K., Almukadi, W., & Abouhawwash, M. (2022). An Edge Based Attack Detection Model (EBAD) for Increasing the Trustworthiness in IoT Enabled Smart City Environment. IEEE Access, 10, 89499-89508. https://doi.org/10.1109/access.2022.3200703

Moreno Arvelo, P. M., Paucar Paucar, C. E., Cajas Parraga, C. M., (2022). Regulación global para evitar la suplantación de identidad digital. Revista Universidad y Sociedad, 14(6), 690-696.

Murillo González, G., Martínez Prats, G., & Vázquez Vidal, V. (2023). Desinformación tecnológica: factores y causas del robo de identidad del cibernauta en el mundo digital. Data and Metadata 2024, 2, 133. https://doi.org/10.56294/dm2023133

Nonvignon, T. Z., Boucif, A. B., & Mhamed, M. (2022). A Copula-Based Attack Prediction Model for Vehicle-to-Grid Networks. Applied Sciences, 12(8), 3830. https://doi.org/10.3390/app12083830

Rameem Zahra, S., Ahsan Chishti, M., Iqbal Baba, A., & Wu, F. (2022). Detecting Covid-19 chaos driven phishing/malicious URL attacks by a fuzzy logic and data mining based intelligence system. Egyptian Informatics Journal, 23(2), 197–214. https://doi.org/10.1016/j.eij.2021.12.003

Ribaux, O., & Souvignet, T. R. (2020). “Hello are you available?” Dealing with online frauds and the role of forensic science. Forensic Science International: Digital Investigation, 33(300978), 300978. https://doi.org/10.1016/j.fsidi.2020.300978

Saharan, S., Laxmi, V., Bezawada, B., & Gaur, M. S. (2021). Scaling & fuzzing: Personal image privacy from automated attacks in mobile cloud computing. Journal Of Information Security And Applications, 60, 102850. https://doi.org/10.1016/j.jisa.2021.102850

Sharma, D., & Selwal, A. (2021). FinPAD: State-of-the-art of fingerprint presentation attack detection mechanisms, taxonomy and future perspectives. Pattern Recognition Letters, 152, 225-252. https://doi.org/10.1016/j.patrec.2021.10.013

Sobabe, A., Djara, T., & Vianou, A. (2020). Biometric System Vulnerabilities: A Typology of Metadata. Advances In Science Technology And Engineering Systems Journal, 5(1), 191-200. https://doi.org/10.25046/aj050125

Song, W., Jiang, M., Yan, H., Xiang, Y., Chen, Y., Luo, Y., He, K., & Peng, G. (2020). Android Data-Clone Attack via Operating System Customization. IEEE Access, 8, 199733-199746. https://doi.org/10.1109/access.2020.3035089

Sohrabi, C., Franchi, T., Mathew, G., Kerwan, A., Nicola, M., Griffin, M., Agha, M., & Agha, R. (2021). PRISMA 2020 statement: What’s new and the importance of reporting guidelines. International Journal of Surgery (London, England), 88(105918), 105918. https://doi.org/10.1016/j.ijsu.2021.105918

Tsai, C.-H., Liou, D.-K., & Lee, H.-L. (2024). Blockchain-supported online banking scheme. Egyptian Informatics Journal, 27(100516), 100516. https://doi.org/10.1016/j.eij.2024.100516

Veena, K., Meena, K., Kuppusamy, R., Teekaraman, Y., Angadi, R. V., & Thelkar, A. R. (2022). Cybercrime: Identification and Prediction Using Machine Learning Techniques. Computational Intelligence And Neuroscience, 2022, 1-10. https://doi.org/10.1155/2022/8237421

Zahra, S. R., Chishti, M. A., Baba, A. I., & Wu, F. (2021). Detecting Covid-19 chaos driven phishing/malicious URL attacks by a fuzzy logic and data mining based intelligence system. Egyptian Informatics Journal, 23(2), 197-214. https://doi.org/10.1016/j.eij.2021.12.003

Zarate, A. P., & del Carmen Becerra, M. A. M. (2011). Robo de Identidad y su Incidencia en el Cibercrimen. Org.Ar. https://50jaiio.sadio.org.ar/pdfs/sid/SID-08.pdf

Downloads

Published

2025-03-13

How to Cite

Cruz, M. (2025). "Modern identity theft techniques: An overview of attack and defense tools, a systematic review". ReCIBE, Electronic Journal of Computing, Informatics, Biomedical and Electronics, 14(1), C2–17. https://doi.org/10.32870/recibe.v14i1.386

Issue

Vol. 14 No. 1 (2025): Jan. 2025 - Mar. 2025

Section

Computer Science & IT

License

Copyright (c) 2025 ReCIBE, electronic journal of Computing, Informatics, Biomedical and Electronics