Cognitive biases are commonly used by attackers to manipulate users’ psychology in phishing emails. This study systematically analyzes the exploitation of cognitive biases in phishing emails and addresses the following questions: (1) Which cognitive biases are frequently exploited in phishing emails? (2) How are cognitive biases exploited in phishing emails? (3) How effective are cognitive bias features in detecting phishing emails? (4) How can the exploitation of cognitive biases in phishing emails be modelled? To address these questions, this study constructed a cognitive processing model that explains how attackers manipulate users by leveraging cognitive biases at different cognitive stages. By annotating 482 phishing emails, this study identified 10 common types of cognitive biases and developed corresponding detection models to evaluate the effectiveness of these bias features in phishing email detection. The results show that models incorporating cognitive bias features significantly outperform baseline models in terms of accuracy, recall, and F1 score. This study provides crucial theoretical support for future anti-phishing methods, as a deeper understanding of cognitive biases offers key insights for designing more effective detection and prevention strategies.