An In-Depth Study of Phishing Attacks and User Awareness in Modern Web Applications

Hensei Patel, Ankita Kothari

Abstract: Phishing attacks have evolved into one of the most prevalent threats affecting modern web applications, exploiting both technological weaknesses and human decision-making. This review provides an in-depth examination of contemporary phishing techniques, the expanding attack surface within web-based systems, and the behavioural factors contributing to user vulnerability. It synthesizes recent research on detection approaches, including machine learning, deep learning, multimodal analysis, and browser-integrated defensive mechanisms, while also analysing empirical studies on user awareness, decision processes, and susceptibility. The review highlights how emerging vectors such as mobile-first phishing, QR code phishing, OAuth consent manipulation, and artificially generated phishing content challenge traditional defences. Furthermore, it identifies critical weaknesses in current solutions, including limited real-time detection, reliance on outdated datasets, and inadequate integration between automated detection and user education. The study concludes by outlining the need for comprehensive, user-centric, and application-aware strategies that combine technical defences with behavioural insights to enhance resilience against phishing within modern web application.

Keywords: Phishing attacks, cybersecurity, machine learning, user awareness, web applications

How to Cite?: Hensei Patel, Ankita Kothari, "An In-Depth Study of Phishing Attacks and User Awareness in Modern Web Applications", Volume 14 Issue 12, December 2025, International Journal of Science and Research (IJSR), Pages: 2020-2025, https://www.ijsr.net/getabstract.php?paperid=SR251224130809, DOI: https://dx.doi.org/10.21275/SR251224130809