The proliferation of phishing sites and emails poses significant challenges to existing cybersecurity efforts. Despite advances in spam filters and email security protocols, problems with oversight and false positives persist. Users often struggle to understand why emails are flagged as spam, risking the possibility of missing important communications or mistakenly trusting phishing emails. This study introduces ChatSpamDetector, a system that uses large language models (LLMs) to detect phishing emails. By converting email data into a prompt suitable for LLM analysis, the system provides a highly accurate determination of whether an email is phishing or not. Importantly, it offers detailed reasoning for its phishing determinations, assisting users in making informed decisions about how to handle suspicious emails. We conducted an evaluation using a comprehensive phishing email dataset and compared our system to several LLMs and baseline systems. We confirmed that our system using GPT-4 has superior detection capabilities with an accuracy of 99.70%. Advanced contextual interpretation by LLMs enables the identification of various phishing tactics and impersonations, making them a potentially powerful tool in the fight against email-based phishing threats.

翻译：摘要：钓鱼网站和邮件的泛滥对现有网络安全工作构成了重大挑战。尽管垃圾邮件过滤器和邮件安全协议取得了进展，但监管疏忽和误报问题依然存在。用户往往难以理解邮件被标记为垃圾邮件的原因，从而面临错过重要通信或错误信任钓鱼邮件的风险。本研究提出了ChatSpamDetector系统，该系统利用大型语言模型（LLMs）检测钓鱼邮件。通过将邮件数据转换为适合LLM处理的提示格式，系统能够高精度地判定邮件是否为钓鱼邮件。重要的是，它还能提供详细的判定推理过程，帮助用户就如何处理可疑邮件做出明智决策。我们使用综合性钓鱼邮件数据集进行了评估，并将系统与多个LLM及基线系统进行了比较。结果表明，采用GPT-4的系统检测性能优越，准确率达到99.70%。LLM的深度上下文解释能力使其能够识别多种钓鱼策略和冒充手法，从而成为应对基于邮件的钓鱼威胁的潜在有力工具。