LLM-Powered Intent-Based Categorization of Phishing Emails
By: Even Eilertsen, Vasileios Mavroeidis, Gudmund Grov
Potential Business Impact:
Finds fake emails by understanding what they want.
Phishing attacks remain a significant threat to modern cybersecurity, as they successfully deceive both humans and the defense mechanisms intended to protect them. Traditional detection systems primarily focus on email metadata that users cannot see in their inboxes. Additionally, these systems struggle with phishing emails, which experienced users can often identify empirically by the text alone. This paper investigates the practical potential of Large Language Models (LLMs) to detect these emails by focusing on their intent. In addition to the binary classification of phishing emails, the paper introduces an intent-type taxonomy, which is operationalized by the LLMs to classify emails into distinct categories and, therefore, generate actionable threat information. To facilitate our work, we have curated publicly available datasets into a custom dataset containing a mix of legitimate and phishing emails. Our results demonstrate that existing LLMs are capable of detecting and categorizing phishing emails, underscoring their potential in this domain.
Similar Papers
Phishing Email Detection Using Large Language Models
Cryptography and Security
Finds fake emails better, even tricky ones.
Constructing and Benchmarking: a Labeled Email Dataset for Text-Based Phishing and Spam Detection Framework
Cryptography and Security
Finds fake emails made by smart computer programs.
Robust ML-based Detection of Conventional, LLM-Generated, and Adversarial Phishing Emails Using Advanced Text Preprocessing
Cryptography and Security
Stops fake emails from tricking you.