Current approaches of phishing filters depend on classifying messages based on textually discernable features such as IP-based URLs or domain names as those features that can be easily extracted from a given phishing message. However, in the same sense, those easily perceptible features can be easily manipulated by sophisticated phishers. Therefore, it is important that universal patterns of phishing messages should be identified for feature extraction to serve as a basis for text classification. In this paper, we demonstrate that user perception regarding phishing message can be identified in central and peripheral routes of information processing. We also present a method of formulating quantitative model that can represent persuasive information structure in phishing messages. This paper makes contribution to phishing classification research by presenting the idea of universal information structure in terms of persuasive communication theories.
Adida, B., Hohenberger, S., & Rivest, R. L. Fighting phishing Attacks: A Lightweight Trust Architecture for Detecting Spoofed Emails.
Comrey, A. L., & Lee, H. B. (1992). A First Course in Factor Analysis (2nd ed.). Hillsdale, NJ: Lawrence Erlbaum Associates.
Drake, C. E., Oliver, J. J., & Koontz, E. J. (2005). Anatomy of a phishing Email: MailFrontier.
Dual process persuasion. (n.d.). Retrieved October 25, 2005, from http://www.as.wvu.edu/~sbb/comm221/chapters/dual.htm
Emigh, A. (2005). Online Identity Theft: phishing Technology, Chokepoints and Counter measures.
Fett, I., Sadeh, N., & Tomasic, A. (2006). Learning to Detect phishing Emails.
Fogg, B. J. (2003). Persuasive technology : using computers to change what we think and do. Amsterdam ; Boston: Morgan Kaufmann Publishers.
Gartner. (2005). Increased phishing and Online Attacks Cause Dip in Consumer Confidence: Gartnet Research Group.
Hovland, C. I., Janis, I. L., & Kelly, J. J. (1953). Communication and persuasion. New Haven: Yale University Press.
Inomata, A., Rahman, S. M. M., Okamoto, T., & Okamoto, E. A novel mail filtering method against phishing.
Jakobsson, M. (2005). Modeling and Preventing phishing Attacks.Unpublished manuscript.
Kirda, E., & Kruegel, C. (2006). Protecting Users against phishing Attacks. The Computer Journal.
McCroskey, J. C. (1966). Scales for the measurement of ethos. Speech Monographs, 33, 65-72.
Merwe, A. v. d., Loock, M., & Dabrowski, M. (2005). Characteristics and Responsibilities involved in a phishing Attack. Paper presented at the 4th international symposium on Information and communication technologies Cape Town, South Africa.
MessagingAnti-AbuseWorkingGroup, & Anti-phishingWorkingGroup. (2006). Anti-phishing Best Practices for ISPs and Mailbox Providers.
Mitchell, T. (2006). Generative and discriminative classifiers: Naive Bayes and Logistic Regression.
O'keefe, D. J. (1990). Persuasion: Theory and research. Newbury Park: Sage Publications.
Parno, B., Kuo, C., & Perrig, A. (2005). Phoolproof phishing Prevention: CyLab Carnegie Mellon University.
Petty, R. E., & Cacioppo, J. T. (1981). Attitudes and persuasion: Classic and contemporary approaches. Dubuque, Iowa: Wm. C. Brown Company Publishers.
Reeves, B., & Nass, C. (1996). The media equation: How people treat computers, televison, and new media like real people and places. Stanford, CA: CSLI Publications.
Roos, T., Wettig, H., Grunwald, P., Myllymaki, P., & Tirri, H. (2005). On discriminative Bayesian Network Classifiers and Logistic Regression. Machine Learning, 59, 267-296.
Stiff, J. B., & Mongeau, P. A. (2003). Persuasive communication. New York: The Guilford Press.
Lee, Ki J. and Song, Il-Yeol
"Investigating Information Structure of Phishing Emails Based on Persuasive Communication Perspective,"
Journal of Digital Forensics, Security and Law: Vol. 2
, Article 2.
Available at: http://commons.erau.edu/jdfsl/vol2/iss3/2