Abstract

Although technology can be used for good reasons, the same can be exploited by cybercriminals for malicious intents and activities like phishing attacks.  The use of phishing emails in such crimes makes it riveting to understand language's role in such a deceptive undertaking. Hence, this qualitative work comparatively analyzed the language correctness and deviations, illocutionary speech acts, and persuasion principles of phishing and authentic emails to draw the line that separates the genuine from the copycat. The results reveal that although phishing emails commit more types of language deviations relating to parallelism, pluralization, preposition usage, subject-verb agreement, sentence fragments, and possessive form, there are also instances of faulty use of punctuation markers in authentic emails, thereby making it unreliable to judge an email’s veracity through language correctness or deviations alone. Moreover, the simultaneous use of expressive, directive, and representative acts was found in phishing and authentic emails, while the former has added the commissive act through subtle threats. Also, authority was typical in both phishing and authentic emails, while the former employs other persuasion principles such as reciprocity, social proof, and liking, indicating that phishers not only impersonate legitimate institutions but also stimulate the victims’ emotions. Finally, this study draws that what sets a real email apart from the reeling one is not mainly the correctness or the deviations in an email’s language, but rather, it is the phishing email’s tendency to evoke feelings of fear and a sense of urgency behind the text that may give their dishonesty away.