Netphishing: Network and Linguistic Analysis of Phishing Email Subject Lines

This study provides support on why subject lines of predatory emails should be analysed to improve the detection of phishing attacks. Network science together with a linguistic analysis were performed on a sample of 240 phishing email subject lines from the past 12 years. Results show that even in straightforward subject lines, phishers can employ text elements to create a sense of proximity, mutual relationship as well as a neutral and professional relation, focused on present and future actions, to persuade potential victims to open phishing emails. The common words "your" and "account" form two main hubs and communities of words that integrate main organisations and actions related to those hubs. The linguistic analysis shows that concise phrases integrate such richness of language that can potentially be used to find differential emotional and behavioural marks on the text, to be used for better detecting phishing emails. This work provides current information as well as new research questions to be tested and further perused, to support the improvement of automated tools to identify predatory emails.