Abstract

This systematic review investigates the application and effectiveness of Artificial Intelligence techniques such as Machine Learning (ML), Deep Learning (DL) and Generative Artificial Intelligence (Gen AI) in the detection and/or prevention of Phishing attacks. The analysed studies were categorised into four groups: ML-based models, DL-based models, hybrid models (ML, DL, others), and Large Language Models (LLMs). The results reveal that none of the models consistently outperforms the others (regardless of context); however, performance depends on factors such as the quality of the dataset used, algorithm architecture, hyperparameter tuning and deployment environment. However, a clear trend emerged: DL and Gen AI-based models tend to achieve higher accuracy and stability, particularly in complex scenarios and when working with large or unstructured datasets. Techniques such as convolutional neural networks (CNN), short and long-term memory (LSTM) and temporal convolutional networks (TCN) demonstrated exceptional performance, achieving accuracies above 99%. Similarly, tuned LLMs such as GPT-2-medium and Llama-3-8b-instruct  showed strong classification capabilities in phishing detection tasks. In contrast, traditional ML algorithms such as Random Forest and XGBoost performed well in structured and balanced data environments, but exhibited limitations in adaptivity and semantic representation. The findings emphasise the importance of a holistic approach that considers not only the algorithm itself, but also the quality of the input data, computational resources and the practical context of the implementation. This review aims to provide relevant information on modern AI techniques to strengthen cybersecurity measures against evolving phishing threats.

Statistics