"A Model That Can Help Inexperienced Users Identify Phishing Emails"

Researchers at Monash University and CSIRO's Data61 in Australia have developed a Machine Learning (ML)-based approach to help users identify phishing emails in order to prevent them from accidentally installing malware or sending sensitive data to cybercriminals. They identified a gap in current phishing research, specifically that existing literature focuses on rigorous 'black and white' methods to classify whether something is a phishing email or not. Other researchers have developed models that can automatically analyze emails and detect phishing messages. However, most of these methods only identified a limited number of patterns, thus missing many malicious emails. This recent work gives users the power to decide whether something is suspicious by equipping them with easily understandable machine results and conversions. Some recent phishing attacks did not have apparent malicious patterns but instead used human psychology to trick unsuspecting users into giving away their personal information. Therefore, the team developed an alternative tool for helping non-expert email users determine which emails are safe or are potentially malicious. Their model was designed to provide a more digestible summary of emails, highlighting emotional triggers, essential content of the text, and the result of an intent analysis. The approach prepares a summary of emails that users can then use to decide what to do with different emails in their inboxes instead of automatically detecting and filtering potentially malicious emails. Non-expert users can use the tool to learn how to identify common patterns in phishing. The model introduced by the researchers involves various state-of-the-art phishing detection methods, which are combined into a single informational package. It presents probabilities instead of hard truths to users to help them prevent errors that could lead to the loss of important messages. This article continues to discuss the development, capabilities, and future of the new model aimed at helping users identify phishing emails. 

NewsUpdate UK reports "A Model That Can Help Inexperienced Users Identify Phishing Emails"