IDEAS home Printed from https://ideas.repec.org/a/gam/jfinte/v5y2026i3p58-d1981894.html

Beyond Generic Phishing Detection: Explainable AI for Finance-Adapted Models in Banking and Fintech

Author

Listed:
  • Istiaque Bhuiyan

    (Department of Computer Science, La Trobe University, Kingsbury Drive, Bundoora, Melbourne, VIC 3086, Australia)

  • Tanvir Bhuiyan

    (Murdoch Business School, Murdoch University, 90 South St, Murdoch, Perth, WA 6150, Australia)

Abstract

Purpose: This study examines whether finance-adapted (FA) phishing detection models improve the detection of finance-themed (FT) attacks, whether improvements differ across email and webpage modalities, and whether finance adaptation creates a specialisation–generalisation trade-off. Design/Methodology/Approach: A domain-aware framework is developed using email (82,486 instances) and webpage (11,430 instances) datasets. FT and non-finance-themed (NFT) instances are identified using weighted lexicon-based labelling. Generic models are compared with FA models across Logistic Regression, Linear SVC, and Random Forest using F1-score, MCC, balanced accuracy, ROC-AUC, and PR-AUC. Statistical validation employs bootstrap confidence intervals and McNemar’s test, while SHAP and permutation importance interpret webpage model behaviour. Findings: FA models outperform generic models in FT email classification, confirming that finance-specific semantic cues improve detection. However, gains are weaker and less consistent in webpage classification, where models rely mainly on structural indicators (page rank, Google index, hyperlinks). The results reveal a specialisation–generalisation trade-off: FA models improve in-domain detection but do not consistently outperform generic models on NFT instances, with F1-score declines of −0.0057 to −0.0151 on non-finance subsets. Practical Implications: Financial institutions and fintech platforms should deploy domain-adapted detection for email-based threats, where finance-specific linguistic cues yield measurable gains, while maintaining generic or ensemble models for broader webpage phishing coverage. Originality/Value: This study introduces a finance-themed, multi-modal, explainable AI framework for phishing detection, demonstrating that domain adaptation depends critically on data modality and feature representation. It provides a novel systematic comparison of generic versus FA phishing detection across both modalities with statistical validation and explainability analysis.

Suggested Citation

  • Istiaque Bhuiyan & Tanvir Bhuiyan, 2026. "Beyond Generic Phishing Detection: Explainable AI for Finance-Adapted Models in Banking and Fintech," FinTech, MDPI, vol. 5(3), pages 1-33, July.
  • Handle: RePEc:gam:jfinte:v:5:y:2026:i:3:p:58-:d:1981894
    as

    Download full text from publisher

    File URL: https://www.mdpi.com/2674-1032/5/3/58/pdf
    Download Restriction: no

    File URL: https://www.mdpi.com/2674-1032/5/3/58/
    Download Restriction: no
    ---><---

    More about this item

    Keywords

    ;
    ;
    ;
    ;
    ;
    ;
    ;

    Statistics

    Access and download statistics

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:gam:jfinte:v:5:y:2026:i:3:p:58-:d:1981894. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    We have no bibliographic references for this item. You can help adding them by using this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: MDPI Indexing Manager The email address of this maintainer does not seem to be valid anymore. Please ask MDPI Indexing Manager to update the entry or send us the correct address (email available below). General contact details of provider: https://www.mdpi.com .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.