In-context learning for the classification of manipulation techniques in phishing emails
This work addresses phishing detection for cybersecurity by focusing on nuanced manipulation, though it is incremental as it applies existing ICL methods to a new domain.
The study tackled the problem of classifying phishing emails by psychological manipulation techniques using LLM in-context learning, achieving an accuracy of 0.76 on a real-world dataset.
Traditional phishing detection often overlooks psychological manipulation. This study investigates using Large Language Model (LLM) In-Context Learning (ICL) for fine-grained classification of phishing emails based on a taxonomy of 40 manipulation techniques. Using few-shot examples with GPT-4o-mini on real-world French phishing emails (SignalSpam), we evaluated performance against a human-annotated test set (100 emails). The approach effectively identifies prevalent techniques (e.g., Baiting, Curiosity Appeal, Request For Minor Favor) with a promising accuracy of 0.76. This work demonstrates ICL's potential for nuanced phishing analysis and provides insights into attacker strategies.