AN ANATOMY OF PHISHING MESSAGES AS DECEIVING PERSUASION: A CATEGORICAL CONTENT AND SEMANTIC NETWORK STUDY

摘要

Previous research on phishing has focused on the extent to which their presentation (e.g., logo, interface, and email address) resembled legitimate emails from well-known companies. Although the message content is an important factor of phishing, it has not been studied enough. Assuming phishing is a deceiving and persuasive activity, this study conducted a content analysis and a semantic network analysis of phishing messages with categories of persuasive message components. Results indicate that phishing messages heavily rely on reasoning from cause in logical appeals, safety needs in motivational appeals, and fear emotion in emotional appeals. Content analyses suggest that phishing emails tend to be explicit, and climax ordered. Interestingly, phishing emails do not use much time restriction to intensify fear emotions such as asking a quick response. Semantic network analyses show that the most frequently used words in phishing messages include ebay, online, please, http, com, information, paypal, update, security, and bank. The top 50 frequent words constitute two large clusters based on their word proximity and co-occurrence, and each cluster represents security and privacy, respectively. This suggests that phishing messages have unique message characteristics and meaning structures which can enrich our understanding of online deception. Suggestions for future research and limitations are also discussed.