Smishing Detection From a Messaging Platform View

Abstract

Application-to-person messages for mobile marketing democratized the way enterprises interact with their clients. Messaging services are booming across all sectors allowing companies to solve real business problems and make services more efficient. Unfortunately, the ease and affordability of this service has led to a surge in fraudulent activities in recent years. Our work proposes a proactive and multivariate end-to-end method for determining whether a short text message belongs to a legitimate or malicious industry. The main goal is to empower messaging platforms to prevent and block SMS phishing attacks by combining multiple features from the same message/situation into a single model. To achieve this, we adopted and customized an unmasked large-language model and expressed its input into individual segments separated with a particular token. For phishing detection, we leverage the URL, the text message, the message intent, and the URL page’s title. The best strategy of the proposed detection method achieves an F1-score of 96.1% and an AUC of 97.1%, outperforming the state-of-the-art approaches. We also analyze the model’s gradients and explore an explainable mechanism for understanding the model’s decision, highlighting the most critical pieces related to a decision. We perform an ablation study that underlines the importance of each input segment for the final classification decision, dissecting how all input components correlate with the result.