Current approaches of phishing filters depend on classifying emails based on obviously
discernable features such as IP-based URLs or domain names. However, as those features
can be easily extracted from a given phishing email, in the same sense, they can be easily
manipulated by sophisticated phishers. Therefore, it is important that universal patterns of
phishing messages should be identified to serve as a basis for novel phishing
classification algorithm.
In this paper, we argue that phishing is a kind of persuasion and explore feature
extraction method based on persuasive communication perspective. Phishing message
components, including message factors, source factors, and computer related factors, are
investigated as message sender’s strategic message manipulation. On the other hand,
message receiver’s cognitive components for information processing are discussed in
terms of dual process of cognition.
Our method consists of four major procedural steps. First, persuasive message
components are identified through extensive literature review. Second, based on the
identified persuasive message components, we conduct content analysis of email
messages. Third, using factor analysis, persuasive components in phishing messages are
classified for the validation of a dual process of cognition. From the pool of persuasive
communication variables, we identify underlying dimensions to see whether central route
information processing and peripheral route information processing are distinctly
identified. Fourth, instances are classified by conducting logistic regression analysis
based on the identified variables as a result of factor analysis in addition to known
phishing factors identified by other studies. We, then, present a quantitative model that
can represent persuasive information structure in phishing messages.
This paper makes contribution to phishing classification research by presenting the idea
of universal information structure in terms of persuasive communication theories