Socio-technical Approach to Address Spear Phishing Attack
Phishing attacks use social engineering techniques to steal private information via emails. To analyze phishing susceptibility, user personality profiles, such as those based on the Five Factor Model (FFM), are used. The FFM scores individuals on five traits: openness, conscientiousness, extraversion, agreeableness, and neuroticism. Current approaches overlook how different personalities react to various phishing email contents, like how an enticing free prize might appeal to someone high in openness but not to someone high in neuroticism.
This project proposes a method to create a dictionary based on semantic similarities of FFM descriptors to label phishing emails according to personality bias, enhancing susceptibility analysis. Validation with a large phishing email corpus demonstrates the system's potential in anti-phishing research.