{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,26]],"date-time":"2026-03-26T09:37:43Z","timestamp":1774517863477,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":75,"publisher":"ACM","license":[{"start":{"date-parts":[[2021,12,6]],"date-time":"2021-12-06T00:00:00Z","timestamp":1638748800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2021,12,6]]},"DOI":"10.1145\/3485832.3488012","type":"proceedings-article","created":{"date-parts":[[2021,12,6]],"date-time":"2021-12-06T13:42:32Z","timestamp":1638798152000},"page":"930-943","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":18,"title":["Detecting and Characterizing SMS Spearphishing Attacks"],"prefix":"10.1145","author":[{"given":"Mingxuan","family":"Liu","sequence":"first","affiliation":[{"name":"Tsinghua University, China and Beijing National Research Center for Information Science and Technology, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yiming","family":"Zhang","sequence":"additional","affiliation":[{"name":"Tsinghua University, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Baojun","family":"Liu","sequence":"additional","affiliation":[{"name":"Tsinghua University, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Zhou","family":"Li","sequence":"additional","affiliation":[{"name":"University of California, Irvine, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Haixin","family":"Duan","sequence":"additional","affiliation":[{"name":"Tsinghua University, China and QI-ANXIN Technology Research Institute, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Donghong","family":"Sun","sequence":"additional","affiliation":[{"name":"Tsinghua University, China and Beijing National Research Center for Information Science and Technology, China"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2021,12,6]]},"reference":[{"key":"e_1_3_2_1_1_1","volume-title":"Threat intelligence platform in Qihoo 360.https:\/\/ti.360.cn. (Accessed","author":"Qihoo","year":"2020","unstructured":"Qihoo 360. [n.d.]. Threat intelligence platform in Qihoo 360.https:\/\/ti.360.cn. (Accessed in May, 2020)."},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1145\/2659651.2659691"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/1298306.1298327"},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1145\/2034691.2034742"},{"key":"e_1_3_2_1_5_1","volume-title":"Passive DNS System. https:\/\/passivedns.cn\/. (Accessed","author":"Netlab","year":"2020","unstructured":"Netlab at Qihoo\u00a0360. [n.d.]. Passive DNS System. https:\/\/passivedns.cn\/. (Accessed in May, 2020)."},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/2897845.2897890"},{"key":"e_1_3_2_1_7_1","unstructured":"Becky Bracken. 2021. LinkedIn Spear-Phishing Campaign Targets Job Hunters. https:\/\/threatpost.com\/linkedin-spear-phishing-job-hunters\/165240\/."},{"key":"e_1_3_2_1_8_1","unstructured":"China CCTV. 2019. Ranking of permanent residents in 31 provinces in China.https:\/\/news.cctv.com\/2019\/06\/16\/ARTIESM4vkQakTiZC8YxeA24190616.shtml."},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1109\/CHINACOM.2006.344718"},{"key":"e_1_3_2_1_10_1","unstructured":"Science China. 2017. 360 Mobile safe\u2019s coverage rate is far ahead ranking first in security software in China.http:\/\/science.china.com.cn\/2017-08\/17\/content_39086982.htm."},{"key":"e_1_3_2_1_11_1","volume-title":"28th {USENIX} Security Symposium ({USENIX} Security 19). 1291\u20131307.","author":"Cidon Asaf","unstructured":"Asaf Cidon, Lior Gavish, Itay Bleier, Nadia Korshun, Marco Schweighauser, and Alexey Tsitkin. 2019. High precision detection of business email compromise. In 28th {USENIX} Security Symposium ({USENIX} Security 19). 1291\u20131307."},{"key":"e_1_3_2_1_12_1","unstructured":"Xiamen Wanderlust\u00a0Technology Co.2014. National public service hotlines. https:\/\/www.ip138.com\/tel.htm."},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/1321440.1321486"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICC.2012.6363989"},{"key":"e_1_3_2_1_15_1","unstructured":"Katie DeMatteis. 2019. What\u2019s So Dangerous About Spear Phishing?https:\/\/www.carbonblack.com\/blog\/whats-so-dangerous-about-spear-phishing\/."},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"crossref","unstructured":"David Dittrich Erin Kenneally 2012. The Menlo Report: Ethical principles guiding information and communication technology research. Technical Report. US Department of Homeland Security.","DOI":"10.2139\/ssrn.2445102"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1109\/COMPSAC.2016.105"},{"key":"e_1_3_2_1_18_1","volume-title":"DNSDB data.https:\/\/dnsdb.io\/zh-cn\/. (Accessed","author":"Security FarSight","year":"2020","unstructured":"FarSight Security. [n.d.]. DNSDB data.https:\/\/dnsdb.io\/zh-cn\/. (Accessed in May, 2020)."},{"key":"e_1_3_2_1_19_1","unstructured":"Food and Agriculture\u00a0Organization of\u00a0the United\u00a0Nations. [n.d.]. Country code and area code. http:\/\/www.fao.org\/countryprofiles\/iso3list\/zh\/. (Accessed in June 2020)."},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1145\/1314389.1314391"},{"key":"e_1_3_2_1_21_1","volume-title":"Large-scale Bayesian logistic regression for text categorization. technometrics 49, 3","author":"Genkin Alexander","year":"2007","unstructured":"Alexander Genkin, David\u00a0D Lewis, and David Madigan. 2007. Large-scale Bayesian logistic regression for text categorization. technometrics 49, 3 (2007), 291\u2013304."},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/1166160.1166191"},{"key":"e_1_3_2_1_23_1","unstructured":"Hacken. 2019. NO MORE PRIVACY: 202 MILLION PRIVATE RESUMES EXPOSED.https:\/\/hacken.io\/research\/industry-news-and-insights\/no-more-privacy-202-million-private-resumes-exposed\/."},{"key":"e_1_3_2_1_24_1","unstructured":"Han He. 2020. HanLP: Han Language Processing. https:\/\/github.com\/hankcs\/HanLP"},{"key":"e_1_3_2_1_25_1","volume-title":"28th {USENIX} Security Symposium ({USENIX} Security 19). 1273\u20131290.","author":"Ho Grant","unstructured":"Grant Ho, Asaf Cidon, Lior Gavish, Marco Schweighauser, Vern Paxson, Stefan Savage, Geoffrey\u00a0M Voelker, and David Wagner. 2019. Detecting and characterizing lateral phishing at scale. In 28th {USENIX} Security Symposium ({USENIX} Security 19). 1273\u20131290."},{"key":"e_1_3_2_1_26_1","volume-title":"26th {USENIX} Security Symposium ({USENIX} Security 17). 469\u2013485.","author":"Ho Grant","unstructured":"Grant Ho, Aashish Sharma, Mobin Javed, Vern Paxson, and David Wagner. 2017. Detecting credential spearphishing in enterprise settings. In 26th {USENIX} Security Symposium ({USENIX} Security 17). 469\u2013485."},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/3308558.3313410"},{"key":"e_1_3_2_1_28_1","volume-title":"Text classification using machine learning techniques.WSEAS transactions on computers 4, 8","author":"Ikonomakis M","year":"2005","unstructured":"M Ikonomakis, Sotiris Kotsiantis, and V Tampakas. 2005. Text classification using machine learning techniques.WSEAS transactions on computers 4, 8 (2005), 966\u2013974."},{"key":"e_1_3_2_1_29_1","volume-title":"International conference on machine learning. 1188\u20131196","author":"Le Quoc","year":"2014","unstructured":"Quoc Le and Tomas Mikolov. 2014. Distributed representations of sentences and documents. In International conference on machine learning. 1188\u20131196."},{"key":"e_1_3_2_1_30_1","volume-title":"29th {USENIX} Security Symposium ({USENIX} Security 20).","author":"Li Jinfeng","unstructured":"Jinfeng Li, Tianyu Du, Shouling Ji, Rong Zhang, Quan Lu, Min Yang, and Ting Wang. 2020. TextShield: Robust Text Classification Based on Multimodal Embedding and Neural Machine Translation. In 29th {USENIX} Security Symposium ({USENIX} Security 20)."},{"key":"e_1_3_2_1_31_1","volume-title":"Textbugger: Generating adversarial text against real-world applications. arXiv preprint arXiv:1812.05271(2018).","author":"Li Jinfeng","year":"2018","unstructured":"Jinfeng Li, Shouling Ji, Tianyu Du, Bo Li, and Ting Wang. 2018. Textbugger: Generating adversarial text against real-world applications. arXiv preprint arXiv:1812.05271(2018)."},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICISE.2018.00016"},{"key":"e_1_3_2_1_33_1","unstructured":"Zhenhua Li Weiwei Wang Christo Wilson Jian Chen Chen Qian Taeho Jung Lan Zhang Kebin Liu Xiangyang Li and Yunhao Liu. 2017. FBS-Radar: Uncovering Fake Base Stations at Scale in the Wild.. In NDSS."},{"key":"e_1_3_2_1_34_1","unstructured":"Zihan Liu Yan Xu Tiezheng Yu Wenliang Dai Ziwei Ji Samuel Cahyawijaya Andrea Madotto and Pascale Fung. 2020. CrossNER: Evaluating Cross-Domain Named Entity Recognition. arXiv preprint arXiv:2012.04373(2020)."},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-73614-1_2"},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1109\/INCoS.2016.47"},{"key":"e_1_3_2_1_37_1","unstructured":"Huanguo Message. 2021. The Huanguo Messages for 106 SMS Platform.http:\/\/www.106.cn\/product."},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"crossref","unstructured":"Najmeh Miramirkhani Oleksii Starov and Nick Nikiforakis. 2016. Dial one for scam: A large-scale analysis of technical support scams. arXiv preprint arXiv:1607.06891(2016).","DOI":"10.14722\/ndss.2017.23163"},{"key":"e_1_3_2_1_39_1","unstructured":"China Mobile. 2021. Mobile cloud services from China Mobile.https:\/\/saas.ecloud.10086.cn\/Store\/TSDetail\/1524."},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICC.2012.6363738"},{"key":"e_1_3_2_1_41_1","unstructured":"China News. 2016. 360 Mobile safe has the largest number of users in China.https:\/\/china.huanqiu.com\/article\/9CaKrnJZhMn."},{"key":"e_1_3_2_1_42_1","volume-title":"GDP of 31 provinces","author":"News China","year":"2021","unstructured":"China News. 2021. GDP of 31 provinces in 2021.http:\/\/www.xinhuanet.com\/fortune\/2021-04\/28\/c_1127386550.htm."},{"key":"e_1_3_2_1_43_1","unstructured":"Economic\u00a0Reference News. 2016. New telecom scam scheme with Personal information dumping has become a black industry chain. http:\/\/finance.people.com.cn\/n1\/2016\/0909\/c1004-28703097.html."},{"key":"e_1_3_2_1_44_1","unstructured":"Xinhua News. 2013. Top Ten Types of Spam Messages Real Estate Advertising Becomes the \u201dKing of Spam Messages\u201d.http:\/\/media.people.com.cn\/n\/2013\/1016\/c40733-23222153.html."},{"key":"e_1_3_2_1_45_1","unstructured":"Xinhua News. 2018. What\u2019s behind the of 106 nuisance SMS?http:\/\/www.xinhuanet.com\/2018-12\/16\/c_1123860405.htm."},{"key":"e_1_3_2_1_46_1","unstructured":"Federal\u00a0Bureau of Investigation\u00a0(FBI). 2018. Business E-mail Compromise The 12 Billion Dollar Scam. https:\/\/www.ic3.gov\/Media\/Y2018\/PSA180712."},{"key":"e_1_3_2_1_47_1","unstructured":"Sohu\u00a0Media Platform. 2016. Demystifying the Industrial Chain of Fake Base Stations. http:\/\/m.sohu.com\/n\/444726367\/."},{"key":"e_1_3_2_1_48_1","doi-asserted-by":"publisher","DOI":"10.1145\/2939918.2939937"},{"key":"e_1_3_2_1_49_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2016.28"},{"key":"e_1_3_2_1_50_1","unstructured":"360\u00a0Mobile Safe. [n.d.]. The privacy policy of 360 Mobile Safe. http:\/\/shouji.360.cn\/about\/privacy\/index_2.0.html. (Accessed in May 2020)."},{"key":"e_1_3_2_1_51_1","volume-title":"Report on China\u2019s mobile phone security in the first half of","author":"Safe Mobile","year":"2020","unstructured":"360\u00a0Mobile Safe. 2020. Report on China\u2019s mobile phone security in the first half of 2020."},{"key":"e_1_3_2_1_52_1","unstructured":"John Seymour and Philip Tully. 2018. Generative models for spear phishing posts on social media. arXiv preprint arXiv:1802.05196(2018)."},{"key":"e_1_3_2_1_53_1","doi-asserted-by":"publisher","DOI":"10.4304\/jmm.9.5.635-643"},{"key":"e_1_3_2_1_54_1","unstructured":"China Telecom. 2021. SMS Group Sending Platform-Three Network Jiexin 106 SMS Platform.http:\/\/www.106vip.net\/783.html."},{"key":"e_1_3_2_1_55_1","volume-title":"22nd {USENIX} Security Symposium ({USENIX} Security 13). 195\u2013210.","author":"Thomas Kurt","unstructured":"Kurt Thomas, Damon McCoy, Chris Grier, Alek Kolcz, and Vern Paxson. 2013. Trafficking fraudulent accounts: The role of the underground market in Twitter spam and abuse. In 22nd {USENIX} Security Symposium ({USENIX} Security 13). 195\u2013210."},{"key":"e_1_3_2_1_56_1","volume-title":"58 Tongcheng: Providing biggest Free information classifieds service in China. https:\/\/58.com\/. (Accessed","year":"2020","unstructured":"58 Tongcheng. [n.d.]. 58 Tongcheng: Providing biggest Free information classifieds service in China. https:\/\/58.com\/. (Accessed in June, 2020)."},{"key":"e_1_3_2_1_57_1","unstructured":"Virus Total. [n.d.]. Virus Total.https:\/\/www.virustotal.com\/gui\/home\/search. (Access in May 2020)."},{"key":"e_1_3_2_1_58_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.proeng.2014.03.129"},{"key":"e_1_3_2_1_59_1","volume-title":"28th {USENIX} Security Symposium ({USENIX} Security 19). 1327\u20131340.","author":"Tu Huahong","unstructured":"Huahong Tu, Adam Doup\u00e9, Ziming Zhao, and Gail-Joon Ahn. 2019. Users really do answer telephone scams. In 28th {USENIX} Security Symposium ({USENIX} Security 19). 1327\u20131340."},{"key":"e_1_3_2_1_60_1","unstructured":"International\u00a0Telecommunications Union. 2014. Country code and area code. https:\/\/www.itu.int\/dms_pub\/itu-t\/opb\/sp\/T-SP-M.1400-2014-PDF-C.pdf."},{"key":"e_1_3_2_1_61_1","unstructured":"Mike Vizard. 2019. Mueller Report details how long national nightmare started with simple spearphishing campaign. https:\/\/blog.barracuda.com\/2019\/04\/26\/mueller-report-details-how-long-national-nightmare-started-with-simple-spearphishing-campaign\/."},{"key":"e_1_3_2_1_62_1","doi-asserted-by":"crossref","unstructured":"Jin Wang Zhongyuan Wang Dawei Zhang and Jun Yan. 2017. Combining Knowledge with Deep Convolutional Neural Networks for Short Text Classification.. In IJCAI Vol.\u00a0350.","DOI":"10.24963\/ijcai.2017\/406"},{"key":"e_1_3_2_1_63_1","unstructured":"Kevin Watkins. 2020. SMS Phishing Campaigns Take Advantage of Coronavirus Pandemic.https:\/\/symantec-enterprise-blogs.security.com\/blogs\/threat-intelligence\/sms-phishing-coronavirus."},{"key":"e_1_3_2_1_64_1","unstructured":"Colin Whittaker Brian Ryner and Marria Nazif. 2010. Large-scale automatic classification of phishing pages. (2010)."},{"key":"e_1_3_2_1_65_1","doi-asserted-by":"publisher","DOI":"10.1145\/2019599.2019606"},{"key":"e_1_3_2_1_66_1","volume-title":"Civil Aviation Authority requires airlines","author":"Yanqian Xu.","unstructured":"Yanqian Xu. 2016. Civil Aviation Authority requires airlines\u2019 websites to warn against SMS scams, experts call for higher costs of breaking the law. https:\/\/www.thepaper.cn\/newsDetail_forward_1465286."},{"key":"e_1_3_2_1_67_1","doi-asserted-by":"publisher","DOI":"10.1145\/3359789.3359817"},{"key":"e_1_3_2_1_68_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2017.11"},{"key":"e_1_3_2_1_69_1","doi-asserted-by":"publisher","DOI":"10.1109\/COMPSAC.2009.175"},{"key":"e_1_3_2_1_70_1","unstructured":"Natalya Zablotskaya. 2008. Fraudulent spam.https:\/\/securelist.com\/fraudulent-spam\/36218\/."},{"key":"e_1_3_2_1_71_1","volume-title":"Electronic and Automation Control Conference (IAEAC). IEEE, 2247\u20132251","author":"Zhang Shengnan","year":"2017","unstructured":"Shengnan Zhang, Yan Hu, and Guangrong Bian. 2017. Research on string similarity algorithm based on Levenshtein Distance. In 2017 IEEE 2nd Advanced Information Technology, Electronic and Automation Control Conference (IAEAC). IEEE, 2247\u20132251."},{"key":"e_1_3_2_1_72_1","doi-asserted-by":"publisher","DOI":"10.1145\/1242572.1242659"},{"key":"e_1_3_2_1_73_1","doi-asserted-by":"publisher","DOI":"10.1145\/3372297.3417257"},{"key":"e_1_3_2_1_74_1","doi-asserted-by":"crossref","unstructured":"Yue Zhang and Jie Yang. 2018. Chinese NER using lattice LSTM. arXiv preprint arXiv:1805.02023(2018).","DOI":"10.18653\/v1\/P18-1144"},{"key":"e_1_3_2_1_75_1","doi-asserted-by":"publisher","DOI":"10.24963\/ijcai.2020\/351"}],"event":{"name":"ACSAC '21: Annual Computer Security Applications Conference","location":"Virtual Event USA","acronym":"ACSAC '21"},"container-title":["Annual Computer Security Applications Conference"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3485832.3488012","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3485832.3488012","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,8,22]],"date-time":"2025-08-22T19:18:39Z","timestamp":1755890319000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3485832.3488012"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,12,6]]},"references-count":75,"alternative-id":["10.1145\/3485832.3488012","10.1145\/3485832"],"URL":"https:\/\/doi.org\/10.1145\/3485832.3488012","relation":{},"subject":[],"published":{"date-parts":[[2021,12,6]]},"assertion":[{"value":"2021-12-06","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}