A systematic literature review of large language models in phishing attack generation and detection

Dinushan Sivaneswaran; Chaminda T.E.R. Hewage; H.M.K.K.M.B. Herath; Rajkumar Singh Rathore; Vishal Krishna Singh; Weiwei Jiang

doi:10.1016/j.array.2026.100775

journal article Open Access Jul 01, 2026

A systematic literature review of large language models in phishing attack generation and detection

Dinushan Sivaneswaran

Chaminda T.E.R. Hewage

H.M.K.K.M.B. Herath Rajkumar Singh Rathore

Vishal Krishna Singh

Weiwei Jiang

Array Vol. 30 pp. 100775 · Elsevier BV

View at Publisher Save 10.1016/j.array.2026.100775

Topics

No keywords indexed for this article. Browse by subject →

References

55

[1]

Falowo "Evolving malware and DDoS attacks: Decadal longitudinal study" IEEE Access (2024) 10.1109/access.2024.3376682

[2]

Yin "A survey on multimodal large language models" Natl Sci Rev (2024) 10.1093/nsr/nwae403

[3]

Nguyen QH, Wu T, Nguyen V, Yuan X, Xue J, Rudolph C. Utilizing large language models with human feedback integration for generating dedicated warning for phishing emails. In: Proceedings of the 2nd ACM workshop on secure and trustworthy deep learning systems. 2024, p. 35–46. 10.1145/3665451.3665531

[4]

Fu "Leveraging human knowledge in large language model for obfuscation-resisted phishing URL detection" (2024)

[5]

Gradon "Electric sheep on the pastures of disinformation and targeted phishing campaigns: The security implications of chatgpt" IEEE Secur Priv (2023) 10.1109/msec.2023.3255039

[6]

Al Daoud "Enhancing cybersecurity with transformers: Preventing phishing emails and social media scams" (2024)

[7]

Koide "ChatPhishDetector: Detecting phishing sites using large language models" IEEE Access (2024) 10.1109/access.2024.3483905

[8]

Zhao (2023)

[9]

Zhang "Benchmarking and evaluating large language models in phishing detection for small and midsize enterprises: A comprehensive analysis" IEEE Access (2025)

[10]

Bethany "Lateral phishing with large language models: A large organization comparative study" IEEE Access (2025) 10.1109/access.2025.3555500

[11]

Roy "From chatbots to phishbots?: Phishing scam generation in commercial large language models" (2024)

[12]

Divakaran "Large language models for cybersecurity: New opportunities" IEEE Secur Priv (2024)

[13]

From ChatGPT to ThreatGPT: Impact of Generative AI in Cybersecurity and Privacy

Maanak Gupta, Charankumar Akiri, Kshitiz Aryal et al.

IEEE Access 2023 10.1109/access.2023.3300381

[14]

Siemerink "The dual-edged sword of large language models in phishing" (2024)

[15]

Begou "Exploring the dark side of ai: Advanced phishing attack design and deployment using chatgpt" (2023)

[16]

Zhang "AttacKG+: Boosting attack graph construction with large language models" Comput Secur (2025) 10.1016/j.cose.2024.104220

[17]

Yadav "A review on recent phishing attacks in internet" (2015)

[18]

Gupta "A literature survey on social engineering attacks: Phishing attack" (2016)

[19]

Buber "Detecting phishing attacks from URL by using NLP techniques" (2017)

[20]

Ahmed "COVID-19 pandemic: A new era of cyber security threat and holistic approach to overcome" (2020)

[21]

Alkhalil "Phishing attacks: A recent comprehensive study and a new anatomy" Front Comput Sci (2021) 10.3389/fcomp.2021.563060

[22]

Abroshan "Covid-19 and phishing: Effects of human emotions, behavior, and demographics on the success of phishing attempts during the pandemic" IEEE Access (2021) 10.1109/access.2021.3109091

[23]

Khode "Cybersecurity risks and challenges in transition to remote work during the COVID-19 pandemic: A focus on employee behavior and organizational vulnerabilities" (2025)

[24]

Security and Privacy Challenges of Large Language Models: A Survey

Badhan Chandra Das, M. Hadi Amini, Yanzhao Wu

ACM Computing Surveys 2025 10.1145/3712001

[25]

Nagarajan "Analysis of how ChatGPT and gemini help in the generation of cyber attacks" (2024)

[26]

Iturbe "Unleashing offensive artificial intelligence: Automated attack technique code generation" Comput Secur (2024) 10.1016/j.cose.2024.104077

[27]

Lee (2024)

[28]

Beydemir "A dynamically selected GPT model for phishing detection" (2024)

[29]

Afane "Next-generation phishing: How LLM agents empower cyber attackers" (2024)

[30]

Zacharis "Optimising AI models for intelligence extraction in the life cycle of cybersecurity threat landscape generation" J Inf Secur Appl (2025)

[31]

Hafzullah "LLM-driven SAT impact on phishing defense: A cross-sectional analysis" (2024)

[32]

Blancaflor EB, Abaleta RM, Achacoso LMD, Amper ACC, Ampiloquio PIR. Emerging Threat: The Use of AI Voice Cloning Software and Services to Deceive Victims Through Phone Conversations and its Potential Effects on the Filipino Population. In: Proceeding of the 2024 5th Asia service sciences and software engineering conference. 2024, p. 137–46. 10.1145/3702138.3702145

[33]

A survey of large language models for cyber threat detection

Yiren Chen, Mengjiao Cui, Ding Wang et al.

Computers & Security 2024 10.1016/j.cose.2024.104016

[34]

Ding "Large language models for cyber resilience: A comprehensive review, challenges, and future perspectives" Appl Soft Comput (2025) 10.1016/j.asoc.2024.112663

[35]

Veit "SoK: The past decade of user deception in emails and today’s email clients’ susceptibility to phishing techniques" Comput Secur (2025) 10.1016/j.cose.2024.104197

[36]

Hasanov "Application of large language models in cybersecurity: A systematic literature review" IEEE Access (2024) 10.1109/access.2024.3505983

[37]

Li "A state-of-the-art review on phishing website detection techniques" IEEE Access (2024)

[38]

Page "The PRISMA 2020 statement: an updated guideline for reporting systematic reviews" Bmj (2021)

[39]

Chataut "Enhancing phishing detection with AI: A novel dataset and comprehensive analysis using machine learning and large language models" (2024)

[40]

Zhang "Guarding against ChatGPT threats: Identifying and addressing vulnerabilities" (2024)

[41]

Dumitras "A feature engineering approach for detecting phishing emails" (2024)

[42]

Sayyafzadeh "Securing against deception: exploring phishing emails through ChatGPT and sentiment analysis" (2024)

[43]

Ling F, Yang H, Xiao Y, Hu L. Meta GPT-Based Agent for Enhanced Phishing Email Detection. In: Proceedings of the 2024 14th international conference on communication and network security. 2024, p. 78–84. 10.1145/3711618.3711619

[44]

Mahendru "Securenet: A comparative study of deberta and large language models for phishing detection" (2024)

[45]

Heiding "Devising and detecting phishing emails using large language models" IEEE Access (2024) 10.1109/access.2024.3375882

[46]

Chataut "Can ai keep you safe? a study of large language models for phishing detection" (2024)

[47]

Rashid "LLMs are one-shot URL classifiers and explainers" Comput Netw (2025) 10.1016/j.comnet.2024.111004

[48]

Chiba "DomainLynx: Advancing LLM techniques for robust domain squatting detection" IEEE Access (2025) 10.1109/access.2025.3542036

[49]

Chang "Chat or trap? Detecting scams in messaging applications with large language models" (2024)

[50]

Prompt Engineering or Fine-Tuning? A Case Study on Phishing Detection with Large Language Models

Fouad Trad, Ali Chehab

Machine Learning and Knowledge Extraction 2024 10.3390/make6010018

Showing 50 of 55 references

Metrics

0

Citations

55

References

Details

Published: Jul 01, 2026
Vol/Issue: 30
Pages: 100775
License: View

Authors

D

Dinushan Sivaneswaran

C

Chaminda T.E.R. Hewage

H

H.M.K.K.M.B. Herath

R

Rajkumar Singh Rathore

Cardiff Metropolitan University, Llandaff Campus, Cardiff, U.K.

V

Vishal Krishna Singh

School of Computer Science and Electronic Engineering, University of Essex, Colchester, U.K.

W

Weiwei Jiang

Cite This Article

Dinushan Sivaneswaran, Chaminda T.E.R. Hewage, H.M.K.K.M.B. Herath, et al. (2026). A systematic literature review of large language models in phishing attack generation and detection. Array, 30, 100775. https://doi.org/10.1016/j.array.2026.100775

A systematic literature review of large language models in phishing attack generation and detection

You May Also Like