CUSP: Customizable and Usable Spam Filters for Detecting Phishing Emails

Phishing attack continues to be a significant threat to the Internet users and commercial organizations worldwide causing billions of dollars in damage. A successful phishing attack depends on the inability of an end user to accurately tell legitimate and spoofed emails apart. However, unlike their legitimate counterpart, as spoofed emails are composed in bulk, they do not contain any user specific data, which relates users with their accounts. In this paper, as a first step, the authors propose a customizable spam filter that allows the users to store this user specific data on a per organization basis, and then use the stored data to discriminate against fraudulent emails.