Unmasking Phishing Attempts

Abstract

Phishing, a pervasive cybersecurity issue, involves fraudulent attempts to obtain sensitive information and to provoke unintentional money transfers or malware downloads, among others, by disguising as trustworthy entities in electronic communications. This paper presents an innovative approach to phishing detection in Spanish emails using patterns represented as rules. Through a comprehensive, still efficient analysis of emails, we identify interpretable recurring patterns and relevant phrases used in phishing attempts. These phrases and words often aim to persuade victims into revealing personal or financial information. These patterns are translated into a set of rules that are applied to evaluate incoming emails. Additionally, a proof-of-concept is carried out using a phishing data set of Spanish emails created for this study. Our method achieved promising results in identifying phishing attempts, providing an additional layer of security for email users. Moreover, this approach can be adapted to detect phishing in other languages, making it a potentially global solution to this persistent cybersecurity issue.