Table 9.
Contributions.
| Dimension | Previous studies | Contributions of the present study | Added value compared to previous research |
|---|---|---|---|
| Scope and focus | Most studies are either general reviews (Mujtaba et al., 2017; Qabajeh et al., 2018; Kunju et al., 2019; Athulya and Praveen, 2020) or broad bibliometric analyses on malware, phishing in general, or phishing and Big Data (Mat et al., 2021; Mutluturk and Metin, 2023; Pejić-Bach et al., 2023) | Bibliometric analysis focused exclusively on AI for phishing detection, complemented by a content analysis of the 10 most cited papers in the dataset | ML and DL-centric overview of phishing detection, filling a gap in previous reviews |
| Temporal coverage | 2021–2025 | Updates the temporal landscape by showing significant growth: 2024 is the most productive year (≈2 × 2023), with 2025 continuing the upward trend | Up-to-date perspective |
| Technological transition to DL | DL is mentioned as promising | Documents the transition from classical ML to DL and hybrid/stacking models, explaining the drivers: scalability, zero-day detection, FP reduction, and improved accuracy | Updated technological evolution |
| Practical implications | Mostly focused on academic models | Integrates practical examples: Microsoft Defender, Google Workspace, Barracuda, TitanHQ, Trustifi, Abnormal Security | Presentation of the implementation layer: AI-powered, real-time, behavioral, NLP, and computer vision-based detection of phishing |
| Integration into enterprise security | Not identified | Proposes integration of AI-powered phishing detection into SIEM, endpoint protection, secure email gateways, and cloud-based defense systems | Bridges between theoretical research and applied cybersecurity |