Phishing is a rapidly growing threat in cyber world and causing billions of dollars in damage every year to internet users. It is an unlawful activity which uses a group of social engineering and technology to collect an Internet user's sensitive information. The identification of phishing techniques can be performed in various methods of communications like email, instant messages, pop-up messages, or at web page level. Over the period, a number of research articles have published with different techniques and procedures but have failed to detect all associated risks and provide a comprehensive solution. This paper presents a theoretical model of CRI to study this threat in a systematic manner. While there is a common perception about the successful phishing attack involves creating an identical messages or website to deceive the internet user however this theory has not been utilized to evaluate this threat and investigate the gaps systematically. Our model attempts to evaluate this crime, review different research perspectives and approaches and investigate the gaps. In this sense, our literature review study is significant to generate attentiveness about phishing in order to boost thoughts and actions to improve the cyber security and gain internet users' confidence.