Analisis Serangan Phising Dan Upaya Pencegahannya Pada Sistem Informasi
DOI:
https://doi.org/10.62671/jikum.v2i2.177Keywords:
Phishing, Cybersecurity, URL Analysis, Machine Learning, Social Engineering.Abstract
Phishing attacks continue to evolve into increasingly complex cyber threats, particularly with the emergence of Generative Artificial Intelligence (GenAI) technologies capable of producing realistic fraudulent content. This study highlights the ineffectiveness of traditional blacklist-based security methods in countering dynamic attacks that exploit both technical and psychological vulnerabilities of users. The objective of this research is to analyze the technical characteristics and masquerading patterns of current phishing attacks. Using a descriptive qualitative approach, this study examines 14 active phishing URL samples from the 2024-2025 period through URL Feature Analysis. The results indicate that 80% of the samples have adopted the HTTPS protocol to manipulate user trust. Furthermore, the study identifies a dominance of typosquatting techniques and the abuse of cheap Top-Level Domains (TLDs) that often bypass standard security detection. The research concludes that effective cyber defense requires the integration of adaptive strategies, combining intelligent Machine Learning-based detection systems with comprehensive security awareness training to mitigate risks associated with human error.
References
Barraclough, P., Fehringer, G., & Woodward, J. (2021). Intelligent cyber-phishing detection for online. Computers & Security, 104, 102123. https://doi.org/10.1016/j.cose.2020.102123
Cybersecurity Threats through Phishing Attacks Targeting Internal Staff, Mitigation and Prevention - Scientific Repository. (n.d.). https://repository.petra.ac.id/21393/
Jishnu, K. S., & Arthi, B. (2024). Real-time phishing URL detection framework using knowledge distilled ELECTRA.
Automatika, 65(4), 1621–1639. https://doi.org/10.1080/00051144.2024.2415797
Nalawade, V. S., Sanjay, B. N., Nanasaheb, M. P., Vikram, S. V., Khandeshwar, P. T., Nalawade, V. S., Sanjay, B. N., Nanasaheb, M. P., Vikram, S. V., & Khandeshwar, P. T. (2025). Prevention of phishing attack on various applications. International Journal on Advanced Computer Engineering and Communication Technology, 14(1), 359–363. https://doi.org/10.65521/ijacect.v14i1.533
Naqvi, B., Perova, K., Farooq, A., Makhdoom, I., Oyedeji, S., & Porras, J. (2023). Mitigation strategies against the phishing attacks: A systematic literature review. Computers & Security, 132, 103387. https://doi.org/10.1016/j.cose.2023.103387
Naz, A., Sarwar, M., Kaleem, M., Mushtaq, M. A., & Rashid, S. (2024). A comprehensive survey on social engineering- based attacks on social networks. International Journal of ADVANCED AND APPLIED SCIENCES, 11(4), 139–
https://doi.org/10.21833/ijaas.2024.04.016
Safi, A., & Singh, S. (2023). A systematic literature review on phishing website detection techniques. Journal of King Saud University - Computer and Information Sciences, 35(2), 590–611. https://doi.org/10.1016/j.jksuci.2023.01.004
Trisolvena, M. N., & Saputra, N. H. (2024). Phishing cyber security threats. Jurnal Improsci, 2(1), 38–48. https://doi.org/10.62885/improsci.v2i1.440
Wilk-Jakubowski, J. L., Pawlik, L., Wilk-Jakubowski, G., & Sikora, A. (2025). Machine learning and neural networks for phishing detection: A systematic review (2017–2024). Electronics, 14(18), 3744. https://doi.org/10.3390/electronics14183744
Rehman, A., Imtiaz, H., Javaid, A. B., & Muslih, M. (2024). Real-Time Phishing URL Detection Using Machine Learning.
Engineering Proceedings, 107(1), 108. https://doi.org/10.3390/engproc2024107108
Jabir, R., Le, J., & Nguyen, C. (2025). Phishing attacks in the age of generative artificial intelligence: A systematic review of human factors. AI, 6(8), 174. https://doi.org/10.3390/ai6080174
Adewumi, S. E., & Ani, U. D. (2025). Impact of detection accuracy rates on phishing email spikes: Towards more effective mitigation. Information Security Journal a Global Perspective, 34(4), 354–391. https://doi.org/10.1080/19393555.2025.2469519
Larena-Luengo, A., Herraiz, J. J. M., Ferrer-Oliva, M., & Medina-Merodio, J. (2025). Mapping the literature on the factors that influence cybersecurity. A bibliographic coupling analysis. Cogent Business & Management, 12(1). https://doi.org/10.1080/23311975.2025.2531265
Alhuzali, A., Alloqmani, A., Aljabri, M., & Alharbi, F. (2025). In-depth analysis of phishing email detection: Evaluating the performance of machine learning and deep learning models across multiple datasets. Applied Sciences, 15(6), 3396. https://doi.org/10.3390/app15063396
Brissett, A., & Wall, J. (2025). Machine learning and watermarking for accurate detection of AI-generated phishing emails.
Electronics, 14(13), 2611. https://doi.org/10.3390/electronics14132611
Abdin, Z., Hassan, M. M., Shin-E-Mustafa, M., & Islam, M. R. (2024). Real-time phishing URL detection framework using knowledge distilled ELECTRA. Global Journal of Engineering and Technology Advances, 19(2), 111–
