Phishing Email Detection Using Persuasion Cues

Phishing is an attempt to acquire sensitive information from an unsuspecting victim by malicious means. Recent studies have shown that phishers often use persuasion techniques to get positive responses from the recipients. Still missing from this literature are studies assessing effectiveness of persuasion cues in phishing email detection. Specifically focusing on gain and loss persuasion cues, we address the following research questions: In detecting phishing emails, (1) how effective are the gain persuasion cues, (2) how effective are the loss persuasion cues, and (3) how effective is an integrated model of gain and loss persuasion? In order to address the research questions, we create three machine learning models, with relevant gain persuasion cues, loss persuasion cues, and combined gain and loss persuasion cues respectively, and compare the estimates with a baseline model that does not account for the persuasion cues. The results show that the three phishing detection models with relevant persuasion cues significantly outperform the baseline model by approximately 5% to 20% percent in terms of F-score, thus representing reliable methods for phishing email detection. The objective of this study is to develop anti-phishing methods that utilize persuasion cues for detecting phishing emails. Such research is useful because a deeper understanding of persuasion cues can inform the design of effective countermeasures for detecting and blocking phishing emails.