The effectiveness of social engineering schemes, such as phishing, depends significantly on the victim’s emotional state, which is intentionally moved by the attacker toward fear, sadness, and disgust through time pressure, threats, or messages about potential losses, which weaken cognitive control. EEG datasets that simultaneously contain basic emotions and realistic phishing scenarios are lacking. Therefore, in some cases, stress-based biophysiological datasets obtained using the Trier Social Stress Test (TSST) are used for neurophishing modeling. The TSST exhibits phasic dynamics: a transition from a neutral state to a peak in fear, followed by an increase in sadness and a partial recovery to a neutral state, highlighting fear and sadness as key components of social stress. The interval of maximum fear probability is interpreted as the window of greatest vulnerability to phishing, when it is critical to consciously pause, verify information across independent channels, and avoid impulsive actions. The suggested hybrid neural network model, WS-KAN-EEGNet, is trained on five emotions and applied to these recordings, generating temporal trajectories of state probabilities with high accuracy, forming a reliable basis for future industrial solutions to ensure a secure digital space.
Pleshakova et al. (Tue,) studied this question.