Email Summarization to Assist Users in Phishing Identification

TL;DR

This paper proposes a transformer-based system that analyzes and summarizes emails to help users identify potential phishing threats more effectively, combining content analysis with user-friendly summaries.

Contribution

It introduces a novel approach that leverages transformers to analyze email content, detect malicious intent, and generate summaries to assist users in phishing detection.

Findings

Effective detection of phishing cues using transformer models

Generation of concise email summaries highlighting suspicious content

Enhanced user decision-making in identifying phishing emails

Abstract

Cyber-phishing attacks recently became more precise, targeted, and tailored by training data to activate only in the presence of specific information or cues. They are adaptable to a much greater extent than traditional phishing detection. Hence, automated detection systems cannot always be 100% accurate, increasing the uncertainty around expected behavior when faced with a potential phishing email. On the other hand, human-centric defence approaches focus extensively on user training but face the difficulty of keeping users up to date with continuously emerging patterns. Therefore, advances in analyzing the content of an email in novel ways along with summarizing the most pertinent content to the recipients of emails is a prospective gateway to furthering how to combat these threats. Addressing this gap, this work leverages transformer-based machine learning to (i) analyze prospective psychological triggers, to (ii) detect possible malicious intent, and (iii) create representative summaries of emails. We then amalgamate this information and present it to the user to allow them to (i) easily decide whether the email is "phishy" and (ii) self-learn advanced malicious patterns.