{"id":1179,"date":"2026-03-23T23:50:33","date_gmt":"2026-03-23T20:50:33","guid":{"rendered":"https:\/\/www.al-manafeth.com\/?p=1179"},"modified":"2026-03-24T00:02:26","modified_gmt":"2026-03-23T21:02:26","slug":"forensic-linguistics-and-cybersecurity-combined-investigating-e-fraud-through-language","status":"publish","type":"post","link":"https:\/\/www.al-manafeth.com\/?p=1179","title":{"rendered":"Forensic Linguistics and Cybersecurity Combined: Investigating E-Fraud through Language"},"content":{"rendered":"

Forensic Linguistics and Cybersecurity Combined: Investigating E-Fraud through Language<\/strong><\/p>\n

\u062f\u0645\u062c \u0627\u0644\u0644\u0651\u0633\u0627\u0646\u064a\u0651\u0627\u062a \u0627\u0644\u062c\u0646\u0627\u0626\u064a\u0651\u0629 \u0628\u0627\u0644\u0623\u0645\u0646 \u0627\u0644\u0633\u0651\u064a\u0628\u0631\u0627\u0646\u064a\u0651: \u0627\u0644\u062a\u0651\u062d\u0642\u064a\u0642 \u0627\u0644\u0644\u0651\u063a\u0648\u064a\u0651 \u0641\u064a \u0627\u0644\u0627\u062d\u062a\u064a\u0627\u0644\u00a0\u0627\u0644\u0627<\/strong>\u0644<\/strong>\u0643\u062a\u0631\u0648\u0646\u064a\u0651<\/strong><\/p>\n

Nidaa Mercel Al Saifi<\/strong>[1]<\/strong><\/a><\/p>\n

\u0646\u062f\u0627\u0621 \u0645\u0631\u0633\u0644 \u0627\u0644\u0635\u0651\u064a\u0641\u064a<\/strong><\/p>\n

\u062a\u0627\u0631\u064a\u062e \u0627\u0644\u0627\u0633\u062a\u0644\u0627\u0645 3\/ 10\/ 2025 \u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 \u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 \u062a\u0627\u0631\u064a\u062e \u0627\u0644\u0642\u0628\u0648\u0644 30\/ 11\/2025<\/p>\n

\u0644\u062a\u062d\u0645\u064a\u0644 \u0627\u0644\u0628\u062d\u062b \u0628\u0635\u064a\u063a\u0629 PDF<\/a><\/strong><\/p>\n

Abstract<\/strong><\/p>\n

Within the cyberworld, language is a crucial component through which the entire communicative process is executed. However, in the cyberspace, the function of language is not only communicative, but it also relates to privacy and security matters defining cybersecurity. Grounded in this critical role of language, this study approached the context of scam job offers as a significant manifestation of e-fraud, even regarded as a form of language crimes. Particularly, this study blended computationally-driven methods with forensic linguistic tools to uncover deception indicators distinguishing scams form genuine job offers. It employed text mining techniques and stylometric analysis to investigate the linguistic patterns and style differentiating scam job offers from authentic ones. Besides, this study adopted the Aristotelian Triad<\/em> as a powerful theoretical framework to explore how scammers deploy rhetorical elements as a persuasive strategy shaping their victims\u2019 behavior. Through its mixed-methods design, the research revealed that informality, substandard professionalism, privacy abuse, and exaggerated promises are evident-based indicators of deception distinguishing scams from genuine offers. Also, the forensic stylometric analysis showed that scams often lack the homogeneity and consistency in sentence length as well as the accuracy in punctuation patterns. Finally, the theoretical analysis grounded in the adopted Aristotelian Triad<\/em> revealed that scammers heavily rely on emotional appeals and often refer to fabrication and impersonation to benefit from the power of ethos and logos in achieving persuasion and manipulation.<\/p>\n

Keywords<\/strong>: <\/em>E-fraud, cybersecurity, text mining, stylometry, Aristotelian Triad<\/p>\n

\u0627\u0644\u0645\u0644\u062e\u0635<\/strong><\/p>\n

\u0641\u064a \u0625\u0637\u0627\u0631 \u0627\u0644\u0639\u0627\u0644\u0645 \u0627\u0644\u0633\u0651\u064a\u0628\u0631\u0627\u0646\u064a\u0651\u060c \u062a\u0639\u062f\u0651 \u0627\u0644\u0644\u0651\u063a\u0629 \u0645\u0643\u0648\u0651\u0646\u064b\u0627 \u062d\u064a\u0648\u064a\u0651\u064b\u0627 \u0625\u0630 \u0645\u0646 \u062e\u0644\u0627\u0644\u0647\u0627 \u062a\u062a\u0645 \u0627\u0644\u0639\u0645\u0644\u064a\u0629 \u0627\u0644\u062a\u0651\u0648\u0627\u0635\u0644\u064a\u0651\u0629. \u063a\u064a\u0631 \u0623\u0646\u0651 \u0648\u0638\u064a\u0641\u0629 \u0627\u0644\u0644\u0651\u063a\u0629 \u0641\u064a \u0627\u0644\u0641\u0636\u0627\u0621 \u0627\u0644\u0631\u0651\u0642\u0645\u064a\u0651 \u0644\u0627 \u062a\u0642\u062a\u0635\u0631 \u0639\u0644\u0649 \u0643\u0648\u0646\u0647\u0627 \u062a\u0648\u0627\u0635\u0644\u064a\u0651\u0629\u060c \u0628\u0644 \u0625\u0646\u0651\u0647\u0627 \u062a\u062a\u062f\u0627\u062e\u0644 \u0623\u064a\u0636\u064b\u0627 \u0641\u064a \u0642\u0636\u0627\u064a\u0627 \u0627\u0644\u0623\u0645\u0646 \u0648\u0627\u0644\u062d\u0645\u0627\u064a\u0629 \u0627\u0644\u062a\u064a \u062a\u0634\u0643\u0651\u0644 \u062c\u0648\u0647\u0631 \u0627\u0644\u0623\u0645\u0646 \u0627\u0644\u0633\u0651\u064a\u0628\u0631\u0627\u0646\u064a\u0651. \u0627\u0646\u0637\u0644\u0627\u0642\u064b\u0627 \u0645\u0646 \u0647\u0630\u0627 \u0627\u0644\u062f\u0651\u0648\u0631 \u0627\u0644\u0641\u0639\u0627\u0644\u060c \u064a\u062a\u0637\u0631\u0651\u0642 \u0647\u0630\u0627 \u0627\u0644\u0628\u062d\u062b \u0627\u0644\u0649 \u0633\u064a\u0627\u0642 \u0639\u0631\u0648\u0636 \u0627\u0644\u0639\u0645\u0644 \u0627\u0644\u0627\u062d\u062a\u064a\u0627\u0644\u064a\u0651\u0629 \u0643\u062a\u062c\u0644\u064d \u0628\u0627\u0631\u0632\u064d \u0644\u0644\u0627\u062d\u062a\u064a\u0627\u0644 \u0627\u0644\u0631\u0651\u0642\u0645\u064a\u0651\u060c \u0648\u0643\u0645\u0627 \u0623\u0646\u0651\u0647 \u064a\u0635\u0646\u0651\u0641 \u0643\u0648\u0646\u0647 \u0623\u062d\u062f \u0623\u0634\u0643\u0627\u0644 \u0627\u0644\u062c\u0631\u0627\u0626\u0645 \u0627\u0644\u0644\u0651\u063a\u0648\u064a\u0651\u0629. \u0639\u0644\u0649 \u0648\u062c\u0647 \u0627\u0644\u062e\u0635\u0648\u0635\u060c \u064a\u062f\u0645\u062c \u0647\u0630\u0627 \u0627\u0644\u0628\u062d\u062b \u0627\u0644\u0637\u0651\u0631\u0642 \u0627\u0644\u0642\u0627\u0626\u0645\u0629 \u0639\u0644\u0649 \u0627\u0644\u062d\u0648\u0633\u0628\u0629 \u0645\u0639 \u0627\u0644\u0644\u0651\u063a\u0648\u064a\u0651\u0627\u062a \u0627\u0644\u062c\u0646\u0627\u0626\u064a\u0651\u0629 \u0628\u0647\u062f\u0641 \u0643\u0634\u0641 \u0645\u0624\u0634\u0651\u0631\u0627\u062a \u0627\u0644\u0627\u062d\u062a\u064a\u0627\u0644 \u0627\u0644\u062a\u064a \u062a\u0645\u064a\u0632 \u0639\u0631\u0648\u0636 \u0627\u0644\u0639\u0645\u0644 \u0627\u0644\u0648\u0647\u0645\u064a\u0651\u0629 \u0639\u0646 \u0627\u0644\u0627\u0635\u0644\u064a\u0651\u0629 \u0645\u0646\u0647\u0627. \u062a\u0633\u062a\u0639\u064a\u0646 \u0647\u0630\u0647 \u0627\u0644\u062f\u0651\u0631\u0627\u0633\u0629 \u0628\u062a\u0642\u0646\u064a\u0651\u0627\u062a \u0627\u0644\u062a\u0651\u0646\u0642\u064a\u0628 \u0639\u0646 \u0627\u0644\u0646\u0651\u0635\u0648\u0635 \u0648\u0627\u0644\u062a\u0651\u062d\u0644\u064a\u0644 \u0627\u0644\u0623\u0633\u0644\u0648\u0628\u064a\u0651 \u0627\u0644\u0631\u0651\u0642\u0645\u064a\u0651 \u0644\u0643\u0634\u0641 \u062a\u0628\u0627\u064a\u0646 \u0627\u0644\u0623\u0646\u0645\u0627\u0637 \u0648\u0627\u0644\u0623\u0633\u0627\u0644\u064a\u0628 \u0627\u0644\u0644\u0651\u063a\u0648\u064a\u0651\u0629 \u0628\u064a\u0646 \u0627\u0644\u0639\u0631\u0648\u0636 \u0627\u0644\u0648\u0647\u0645\u064a\u0651\u0629 \u0648\u0627\u0644\u0623\u0635\u0644\u064a\u0651\u0629. \u0625\u0636\u0627\u0641\u0629 \u0627\u0644\u0649 \u0630\u0644\u0643\u060c \u062a\u0639\u062a\u0645\u062f \u0647\u0630\u0647 \u0627\u0644\u062f\u0651\u0631\u0627\u0633\u0629 \u0639\u0644\u0649 \u0627\u0644\u062b\u0651\u0627\u0644\u0648\u062b \u0627\u0644\u0623\u0631\u0633\u0637\u064a\u0651 \u0643\u0625\u0637\u0627\u0631 \u0646\u0638\u0631\u064a\u0651 \u0644\u0627\u0633\u062a\u0643\u0634\u0627\u0641 \u0643\u064a\u0641\u064a\u0629 \u0627\u0633\u062a\u062e\u062f\u0627\u0645 \u0645\u062d\u062a\u0627\u0644\u064a \u0627\u0644\u0627\u0646\u062a\u0631\u0646\u062a \u0644\u0644\u0639\u0646\u0627\u0635\u0631 \u0627\u0644\u0628\u0644\u0627\u063a\u064a\u0651\u0629 \u0648\u0633\u064a\u0644\u0629 \u0625\u0642\u0646\u0627\u0639\u064a\u0651\u0629 \u0644\u0644\u062a\u0651\u062d\u0643\u0645 \u0641\u064a \u0633\u0644\u0648\u0643 \u0636\u062d\u0627\u064a\u0627\u0647\u0645 \u0648\u0627\u0644\u0625\u064a\u0642\u0627\u0639 \u0628\u0647\u0645. \u0628\u0627\u0639\u062a\u0645\u0627\u062f\u0647\u0627 \u062a\u0635\u0645\u064a\u0645 \u0627\u0644\u0637\u0651\u0631\u0642 \u0627\u0644\u0645\u062e\u062a\u0644\u0637\u0629\u060c \u0623\u0638\u0647\u0631\u062a \u0647\u0630\u0647 \u0627\u0644\u062f\u0651\u0631\u0627\u0633\u0629 \u0623\u0646\u0651 \u0639\u0631\u0648\u0636 \u0627\u0644\u0639\u0645\u0644 \u0627\u0644\u0648\u0647\u0645\u064a\u0651\u0629 \u062a\u0641\u062a\u0642\u0631 \u0627\u0644\u0649 \u0627\u0644\u0631\u0651\u0633\u0645\u064a\u0651\u0629\u060c \u0648\u062a\u062a\u0645\u064a\u0632 \u0628\u0627\u062d\u062a\u0631\u0627\u0641\u064a\u0651\u0629 \u0645\u0646\u062e\u0641\u0636\u0629 \u0627\u0644\u0645\u0633\u062a\u0648\u0649 \u0625\u0636\u0627\u0641\u0629 \u0627\u0644\u0649 \u0627\u0646\u062a\u0647\u0627\u0643 \u0627\u0644\u062e\u0635\u0648\u0635\u064a\u0651\u0629 \u0648\u0627\u0644\u0648\u0639\u0648\u062f \u0627\u0644\u0645\u0636\u062e\u0645\u0629 \u0643\u0645\u0624\u0634\u0631\u0627\u062a \u062d\u064a\u0648\u064a\u0651\u0629 \u062a\u0645\u064a\u0651\u0632\u0647\u0627 \u0639\u0646 \u0639\u0631\u0648\u0636 \u0627\u0644\u0639\u0645\u0644 \u0627\u0644\u0623\u0635\u0644\u064a\u0629. \u0641\u0636\u0644\u064b\u0627 \u0639\u0646 \u0630\u0644\u0643\u060c \u0623\u0638\u0647\u0631 \u0627\u0644\u062a\u0651\u062d\u0644\u064a\u0644 \u0627\u0644\u0623\u0633\u0644\u0648\u0628\u064a\u0651 \u0627\u0644\u062c\u0646\u0627\u0626\u064a\u0651 \u0623\u0646\u0651 \u0627\u0644\u0639\u0631\u0648\u0636 \u0627\u0644\u0648\u0647\u0645\u064a\u0651\u0629 \u062a\u0641\u062a\u0642\u0631 \u0625\u0644\u0649 \u0627\u0644\u062a\u0651\u062c\u0627\u0646\u0633 \u0648\u0627\u0644\u0627\u062a\u0651\u0633\u0627\u0642 \u0641\u064a \u0637\u0648\u0644 \u0627\u0644\u062c\u0645\u0644\u0629 \u0643\u0645\u0627 \u0623\u0646\u0651\u0647\u0627 \u062a\u0641\u062a\u0642\u062f \u0627\u0644\u062f\u0651\u0642\u0629 \u0641\u064a \u0639\u0644\u0627\u0645\u0627\u062a \u0627\u0644\u062a\u0651\u0631\u0642\u064a\u0645. \u0623\u062e\u064a\u0631\u064b\u0627\u060c \u0623\u0643\u0651\u062f \u0627\u0644\u062a\u0651\u062d\u0644\u064a\u0644 \u0627\u0644\u0646\u0651\u0638\u0631\u064a\u0651 \u0627\u0644\u0645\u0628\u0646\u064a \u0639\u0644\u0649 \u0627\u0644\u062b\u0651\u0627\u0644\u0648\u062b \u0627\u0644\u0623\u0631\u0633\u0637\u064a \u0623\u0646 \u0645\u0631\u062a\u0643\u0628\u064a \u0627\u0644\u0627\u062d\u062a\u064a\u0627\u0644 \u0627\u0644\u0625\u0644\u0643\u062a\u0631\u0648\u0646\u064a\u0651 \u064a\u0639\u062a\u0645\u062f\u0648\u0646 \u0639\u0644\u0649 \u0627\u0644\u0627\u0633\u062a\u0645\u0627\u0644\u0629 \u0627\u0644\u0639\u0627\u0637\u0641\u064a\u0651\u0629 \u0648\u0643\u0645\u0627 \u064a\u0644\u062c\u0624\u0648\u0646 \u0627\u0644\u0649 \u0627\u0644\u0641\u0628\u0631\u0643\u0629 \u0648\u0627\u0644\u0627\u0646\u062a\u062d\u0627\u0644 \u0644\u062a\u0648\u0638\u064a\u0641 \u0627\u0644\u0627\u064a\u062b\u0648\u0633 \u0648\u0627\u0644\u0644\u0648\u063a\u0648\u0633 \u0641\u064a \u0633\u0628\u064a\u0644 \u062a\u062d\u0642\u064a\u0642 \u0627\u0644\u0625\u0642\u0646\u0627\u0639\u00a0\u0648\u0627\u0644\u062a\u0651\u062d\u0627\u064a\u0644.<\/p>\n

\u0627\u0644\u0643\u0644\u0645\u0627\u062a \u0627\u0644\u0645\u0641\u062a\u0627\u062d\u064a\u0651\u0629<\/strong>: \u0627\u0644\u0627\u062d\u062a\u064a\u0627\u0644 \u0627\u0644\u0631\u0651\u0642\u0645\u064a\u0651\u060c \u0627\u0644\u0627\u0645\u0646 \u0627\u0644\u0633\u0651\u064a\u0628\u0631\u0627\u0646\u064a\u0651\u060c \u0627\u0644\u062a\u0651\u0646\u0642\u064a\u0628 \u0639\u0646 \u0627\u0644\u0646\u0651\u0635\u0648\u0635\u060c \u0648\u0627\u0644\u062a\u0651\u062d\u0644\u064a\u0644 \u0627\u0644\u0623\u0633\u0644\u0648\u0628\u064a\u0651 \u0627\u0644\u0631\u0651\u0642\u0645\u064a\u0651\u060c \u0627\u0644\u062b\u0651\u0627\u0644\u0648\u062b \u0627\u0644\u0623\u0631\u0633\u0637\u064a\u0651.<\/p>\n

Introduction<\/strong><\/p>\n

Amidst the escalating involvement of individuals in the digital world, the threats of privacy attack, safety breach, and e-fraud witnessed a marked increase. In light of this phenomenon, cybersecurity is inevitably compromised, hindering digital users\u2019 engagement in the cyberspace and disrupting their virtual experience. In this context, e-fraud practiced through scam job offers is a valid demonstration depicting the criticality of these fraudulent activities and highlighting the alarming need to closely consider the strategies deployed in undergoing deception and manipulation as a serious form of cybercrime. Blended with the scope of language and communication, Williams (2001) emphasizes the interplay between e-fraud and language stating that \u201cmost forms of abuse online manifest textually\u201d (p. 164). This shows that cybercrime heavily relies on language as a means of communication through which deception is performed. This interconnection portrays the significance of linguistic components and their invisible yet effective role in the execution of e-fraud. Intersecting at a single point, cybersecurity, language, and e-fraud manifest as a fertile focus of Forensic Linguistics (FL) as a newly emerging field embarking on the avenues of justice, language, and law (Dusane, 2021).<\/p>\n

\u00a0Given the identified interface, the conducted research ventured into the realm of FL and cybersecurity through investigating e-fraud practiced in scam job offers. Its analytical approach heavily relied on digitalized analysis, mainly computational text mining and forensic corpus-based stylometric analysis. This provided insights into the deceptive strategies practiced through language in scam recruitment offers as a valid manifestation of linguistically committed cybercrimes. Besides, the comparative method was employed attempting to distinguish the style and content of scam job offers from authentic ones. In addition to the digital quantitative approach, the study also embarked on qualitative analysis with the lens of the Aristotelian Triad through which the use of rhetoric as a persuasive strategy underpinning deception in the cyberworld was portrayed.<\/p>\n

Statement of the Problem<\/em><\/p>\n

According to the Verizon Business\u2019 2024 Data Breach Investigations Report<\/em>, the rate of cybercrimes is rising steadily mainly as the world is increasingly orienting toward digitalization. Statistically, the report shows an alarming increase in ransomware and phishing attacks during 2023, with the former accounting for 23% of the total analyzed breaches and the latter for 20% (Verizon Business, 2024). Kuzior et al. (2024) claim that since cybercrimes result in critical consequences hindering users\u2019 financial and personal data, \u201cprotecting this data from breaches is crucial for maintaining privacy and trust\u201d (p. 222).\u00a0 In light of the stated problem, it is crystallized that privacy and security are pivotal matters challenged by the expanding threat imposed by cyber fraud. In this context, Kolupuri et al. (2025) argue that scams are a common type of digital fraud schemes that have severe effects on individuals and businesses. These fraudulent activities are mainly perpetrated through fake news and unsolicited mails such as those impersonating a company representative to suggest a job offer. Thus, the spread of scam job offers is a pressing matter challenging cybersecurity.<\/p>\n

Considering the seriousness of this issue, this study approaches the context of scam job offers through an innovative forensic linguistic approach. Being regarded as a form of cybercrime, scam job offers deploy deceptive strategies in victimizing users in the digital world. Since language lies at the center of the communicative process in the cyber world, investigating linguistic deception indicators assists in distinguishing scam from authentic recruitment offers. Despite the significance of this matter, the scope of cybersecurity and e-fraud, particularly in the context of scam job offers, has been scarcely explored. Therefore, this study mingles computational textual analysis with stylometric investigation and rhetorical interpretation to bridge the gap explored in the realm of cybersecurity.<\/p>\n

Purpose of the Study<\/em><\/p>\n

The ultimate purpose of this study lies in addressing the stated research problem through an interdisciplinary perspective. The conducted research primarily employs a forensic corpus-based approach blended with computational linguistic methods and the Aristotelian framework to investigate cyber fraud through language. Particularly, it intends to foster cybersecurity through uncovering deception indicators in the context of scam job offers communicated via email systems. Moreover, this study subjects the investigated corpus to forensic stylometric analysis. This contributes to revealing stylometric features such as sentence length and punctuation patterns distinguishing scam from authentic job offers. Besides, to deepen the linguistic dimension of the conducted analysis, the researcher approached the selected scam offers through the lens of the Aristotelian Triad<\/em>. This reflects how fraudsters harness rhetorical appeals (ethos, pathos, logos) in scam job offers to persuade their victims and manipulate their behavior. Therefore, this study mingles computational linguistic analysis with a forensic corpus-based approach and an Aristotelian rhetorical framework to investigate e-fraud as one common form of cybercrimes.<\/p>\n

Significance of the Study<\/em><\/p>\n

The relevance of this study lies in its potential to investigate cyber fraud through an interdisciplinary linguistic approach, fostering the functionality of language in diverse domains. It embarks on a scarcely explored subject manifested in the synchronization of Forensic Linguistics and Cybersecurity as two booming disciplines in the digital age. In line with its novel approach, this study touches on a critical phenomenon hindering users\u2019 privacy and digital security. While research on the cybersecurity mainly centers on software-based algorithms, log analysis, and encryption, this study delves beyond conventional boundaries, emphasizing the power of language in supporting cybersecurity and detecting cybercrimes. This is portrayed in the intersection of computational linguistic methods and forensic corpus-based approaches supported by rhetorical analysis of the invisible persuasive strategies characterizing the context of scam job mails. Besides, combining stylometric analysis and computational methods with a rhetorical approach provides a blended sense of quantitative and qualitative interpretation of the explored context.\u00a0 Accordingly, this study positions language not only as a communicative tool, but also as a means through which forensic evidence can be explored. Thus, it reflects the functionality of linguistic analysis in uncovering criminal practices and assisting the judicial system. This contributes to promoting cybersecurity and protecting users from cyber attacks that threaten their privacy in the digital world.<\/p>\n

Research Questions<\/em><\/p>\n

Considering the illustrated problem, the researcher posed the following research questions:<\/p>\n

    \n
  1. How do computational text mining tools (concordances, n-grams, collocates) unveil deception indicators embedded in scam job offers compared to genuine ones?<\/li>\n
  2. How does forensic corpus-based stylometric analysis of sentence length and punctuation frequencies distinguish authentic recruitment offers from scams?<\/li>\n
  3. To what extent do scam job offers deploy the Aristotelian Triad<\/em> to deceive their victims and manipulate their behavior?<\/li>\n<\/ol>\n

    Literature Review <\/strong><\/p>\n

    Forensic Linguistics: The Intersection of Language and Law<\/em><\/p>\n

    Forensic Linguistics (FL) is a subfield of applied linguistics and an emerging branch of the overarching discipline of forensic science (Ahmed, 2021; Dusane, 2021). It is characterized by its heterogenous nature that is structured on an interdisciplinary basis, primarily aiming to associate language with legal concerns as a means of assisting the judicial system (Momeni, 2012). In other words, Fromkin et al. (2014) argue that Forensic Linguistics operates at the level of employing language as a tool for facilitating legal cases through its integration in the realm of investigative purposes. This integration is displayed in diverse practical applications including plagiarism detection, authorship attribution, fraud identification, lip-reading, document examination, and courtroom interaction (Ariani et al., 2014; Sakakini, 2020).<\/p>\n

    In describing this field, linguists and pioneers agreed on multiple definitions of FL. For Shuy (2006), FL is the study of language which contributes to facilitating legal cases and enhancing the demonstration of justice. This definition is further asserted by Olsson (2012) who states that \u201cforensic linguistics began life as an instrument to correct miscarriages of justice\u201d (p. 5). Furthermore, FL is also considered a subfield of forensics that delves into investigating the invisible factors that effectively yet implicitly contribute to addressing forensic issues. Particularly, it functions at the level of detecting and analyzing authentic linguistic evidence, employing diverse analytical tools (MacLeod & Wright, 2020; Syam, 2018). These tools heavily rely on digital methods, mirroring the interplay between this field and digital textual analysis that is booming in the technological era (MacLeod & Wright, 2020). In illustrating the operational procedure of FL, MacLeod and Wright (2020) maintain that in scrutinizing linguistic evidence, FL mingles three major elements, namely: \u201c(i) the (written) language of the law, (ii) the language of (spoken) legal processes, and (iii) language analysis as evidence or as an investigative tool\u201d (p. 360). Through these components, FL uncovers the invisible realities through decoding beyond-line clues (Dusane, 2021).<\/p>\n

    In tracing its foundation, FL, like many other disciplines has roots in Greek philosophies mainly as Greek authors explored the authenticity of texts and highlighted plagiarism as a form of fraud (Ramezani et al., 2016). Besides, McMenamin (2002) claims that the field underwent different stages of progression, particularly during the 19th<\/sup> century, manifested in the evolution of multiple methods that fostered authorship attribution. Nevertheless, it was not until 1963 that FL appeared as a separate discipline in The United States of America. Its evolution was brought forth by the case of Ernesto Miranda who was arrested by the police. Miranda\u2019s case inspired the development of a formal legal text titled Miranda Warnings<\/em> which fostered the need \u201cto concentrate on interviewing of witness rather than on cop\u2019s statements\u201d (Dusane, 2021, p. 5174). Due to the explored significance of interviewing the witness, Miranda\u2019s case foregrounded forensic linguists\u2019 development of Miranda Rights<\/em> which mirrored how the meaning of a text is shaped by how the content is communicated, interpreted, and understood. This revealed that any misinterpretation of the criminal\u2019s message can result in systemic injustice (Dusane, 2021). In 1968, FL was first coined as a distinct science by the Swedish linguist Jan Svartvik in his book titled The Evans Statements: A Case for Forensic Linguistics<\/em> (Ali, 2020; Ariani et al., 2014).<\/p>\n

    Cybersecurity: A Comprehensive Overview<\/em><\/p>\n

    One of the earliest definitions of cybersecurity dates back to the 1980s when Steve Lipner developed the CIA triad<\/em> accounting for defining cybersecurity in terms of: Confidentiality, Integrity, and Availability. However, the progression of technology and networking systems has weakened this triad and its functionality, driving the evolution of updated approaches that offer a more comprehensive definition of this notion (Ham, 2021). Among these approaches, the NIST cybersecurity framework is perceived as a generic approach that complements the CIA triad, aiming at enhancing the infrastructure of cybersecurity (National Institute of Standards and Technology, 2018). In this regard, the NIST framework is a collection of the following activities:<\/p>\n

    \u00a0(1) Identify: identify the assets that must be secured and the context that they are in<\/p>\n

    \u00a0(2) Protect: define and implement protective measures for the assets<\/p>\n

    \u00a0(3) Detect: put sensors and processes in place to detect when protection has been breached<\/p>\n

    \u00a0(4) Respond: define response processes for when an incident has been detected<\/p>\n

    \u00a0(5) Recover: develop plans for resilience in the organisation, as well as recovery mechanisms. (Ham, 2021, pp. 2-3)<\/p>\n

    Based on the mentioned frameworks, cybersecurity is a process through which digital devices, accounts, and networks are protected against electronic threats such as theft and cyber fraud (Mijwil et al., 2023). It operates at the level of implementing practical tactics that help protecting the digital environment from electronic threats that are becoming popular due to the expansion of the digital world (Kuzior et al., 2024). Therefore, cybersecurity aims at mitigating cybercrimes through monitoring and controlling the communicative process in cyberspace as a means of maintaining security properties of users\u2019 assets in the cyber environment (Galinec et al., 2017).<\/p>\n

    E-Fraud as a Form of Cybercrime<\/em><\/p>\n

    According to Kuzior et al. (2024), the growing orientation of humans toward the digital world increased the risk of encountering cybercrimes. This phenomenon is highlighted and reported in various reports and by diverse statisticians who \u201cdemonstrate cybercrime\u2019s increasing frequency and sophistication, including hacking, phishing, ransomware, and other malicious activities\u201d (Kuzior et al., 2024, p. 222). In this regard, Mijwil et al. (2023) state that cyberattacks serve as a form of digital fraud, resulting in serious losses for individuals in the cyber environment. In this context, Dzomira (2014) identifies the multiple types of cyber fraud among which identity theft is a critical category. In addition, another frequent fraud scheme is manifested in scam-based and spam-related operations. This often occurs when fraudsters assume the false identity of a company or a financial institution as a means of deceiving the receivers and obtaining their personal assets (Dzomira, 2014; Geeta, 2011). Kolupuri et al. (2025) shed light on the subtypes of scam attacks, outlining five categories that fall under this umbrella:<\/p>\n

      \n
    1. Phishing Attacks<\/li>\n
    2. Click Fraud<\/li>\n
    3. Content based SMS scam<\/li>\n
    4. Fraud in advertising<\/li>\n
    5. Online Social Network Scam (p.2)<\/li>\n<\/ol>\n

      Kolupuri et al. (2025) consider these practices as manifestations of cybercrimes since they pose serious threat to individuals and organizations. Phishing attacks, for example, employ different deceptive strategies to manipulate the victims\u2019 behavior and drive them to share sensitive information. Similarly, click fraud results in critical financial damages particularly for online businesses as it \u201crequires the generation of counterfeit clicks on online advertisements to fraudulently inflate ad revenue or deplete a competitor\u2019s ad budget\u201d (Kolupuri et al., 2025, p. 3). Likewise, other types of scams extensively rely on the power of anonymity to deceive the users through mimicking legitimate figures\u2019 styles and content. Thus, this reflects the seriousness of the cybercriminal practices as they tend to be real-life crimes, mandating immediate consideration and legal adjustments (Sousa-Silva, 2024).<\/p>\n

      Methods<\/strong><\/p>\n

      Research Design<\/em><\/p>\n

      According to Kumar (2011), a research design is a strategic plan outlining the research investigation and process followed by the researcher to reliably respond to the posed research questions and accurately address the stated problem. Within this scope, the present study adopted a mixed-methods approach, combing qualitative and quantitative analysis in exploring the studied context. Obeyd (2021) distinguishes quantitative and qualitative research claiming that:<\/p>\n

      Quantitative research is characterized with the use of numbers and they are enlivened to meaning when they are contextually backed up \u2026 it is systematic, controlled, involving exact measurements resulting in reliable and generalized results \u2026 [However,] qualitative research is effective in exploring new areas by studying and explaining in details a phenomenon. (pp. 56, 58)<\/p>\n

      Therefore, the mixed-methods approach is considered a third approach combining techniques of both qualitative and quantitative research in a way that strengthens the study and contributes to eliminating the weaknesses of a single design (Creswell, 2014; Obeyd, 2021). In the context of this study, the quantitative approach was manifested in deploying computational techniques through text mining tools that allowed for uncovering deception indicators embedded in scam job offers. Besides, the corpus-based stylometric analysis also brought forth significant numerical data differentiating scam offers from genuine ones. At the level of qualitative data, this was primarily obtained through the adoption of the Aristotelian Triad to investigate scammers adherence to ethos, pathos, and logos to manipulate their victims\u2019 behavior. Moreover, both qualitative and quantitative analysis were displayed in terms of exploring collocates and analyzing keywords in context.<\/p>\n

      Corpus of the Study<\/em><\/p>\n

      As this study is corps-based, the corpora were selected, compiled, and cleaned before being set into analysis. Particularly, samples of genuine and scam job offers were compiled and balanced according to the criteria of genre and size. In terms of genre, all selected samples were samples of recruitment offers, representatively involving both authentic and scam offers. As for the corpus size, each of the selected corpora adhered to a range of 2650-2675 tokens\/corpus. Thus, the number of tokens was 2673 and 2652 for genuine and scam job offers respectively, resulting in a total of 5325 tokens. In terms of the corpus selection and compilation, the scam job offers were retrieved from the Nigerian scams<\/em> website available at http:\/\/www.419scam.org.\/<\/a>. The researcher particularly visited the Company representative scam<\/em> section and randomly selected scam job offers presented in this section. As for the authentic offers, the researcher contacted the Human Resources (HR) directors at different reputable institutions to obtain some samples of the recruitment offers they usually use. This provided a valid and reliable access to both genuine and scam job offers.<\/p>\n

      To ensure the confidentiality of participants mentioned in the compiled corpus, the researcher followed a strategic anonymization criterion through which personal information was replaced by coded identifiers such as [RECIPIENT_NAME], [EMAIL_ADDRESS], [SENDER_NAME], [COMPANY_NAME], etc. These anonymization tokens enhanced the objectivity of the study and fostered the researcher\u2019s ethical approach to sensitive data. Besides, consistency was maintained across all datasets to avoid bias and to maintain a reliable preservation of any structural or linguistic features. In addition to anonymization, corpus cleaning was performed prior to the analytical process at some levels of the study. While answering RQ#1 and RQ# 3 required using full email samples (including greeting, content, closing, and other components), responding to RQ# 2 rather necessitated the preservation of the email body and the elimination of other components. Cleaning the corpus at the level of RQ#2 was due to the researcher\u2019s focus on sentence length and punctuation patterns which might be misinterpreted in the presence of line breaks separating the email content from other components. In other words, the algorithm of the used software might treat a line break as new sentence, although it does not correspond to a true linguistic sentence, resulting in misinterpretations in sentence length and number. Thus, only the email body was consistently analyzed in responding to RQ#2, while the full email was considered in the context of RQ#1 and RQ#3.<\/p>\n

      Tools\/Instruments of<\/em> the Study<\/em><\/p>\n

        \n
      1. AntConc (3.5.9)<\/em><\/li>\n<\/ol>\n

        In the realm of digital analysis and corpus linguistics, AntConc <\/em>emerges as a freeware corpus analysis toolkit encompassing diverse analytical tools (Anthony, 2004). To carry out text mining procedures, the researcher employed AntConc (3.5.9)<\/em> as a corpus analysis software through which different textual features are investigated. Its computerized algorithm provides accurate and authentic representation of linguistic features, mainly in terms of numerical data such as concordances, n-grams, and frequency of collocation. Through its KWIC (Key Word In Context) feature, this software presents results in terms of \u201cthe hit number, KWIC line, and the file name\u201d (Anthony, 2004, p. 9). This mirrors its functionality in assisting the computational analytical process in this study through which deception indicators in scam job offers are explored and, accordingly, scams are distinguished from genuine offers.<\/p>\n

          \n
        1. Signature Stylometric System (1.0)<\/em><\/li>\n<\/ol>\n

          Signature Stylometric System (1.0)<\/em> is a freeware computational stylistics tool designed by Peter Millican to facilitate stylometric analysis as a central aspect of forensic linguistic investigation (Guillen-Nieto et al., 2008). It operates through displaying two-dimensional and three-dimensional graphs with numerical values measuring style markers including sentence length, word length, paragraph length, and punctuation patterns. In highlighting its functionality in the scope of forensic linguistic investigation, Guillen-Nieto et al. (2008, p. 14) argue that \u201cthe tool provides the forensic language researcher with a remarkable sample of disputed texts for forensic linguistic analysis\u201d. They also added that the analytical approach of this tool \u201cprovides full comparison of all the results obtained and graphic output\u201d (Guillen-Nieto et al., 2008, p. 14). This mirrors the practicality of using this software tool to conduct forensic corpus-based stylometric analysis within which the content of scam job offers is juxtaposed with that of authentic ones in terms of sentence length and punctuation patterns as two main features central to this study.<\/p>\n

          Adopted Framework: Aristotle\u2019s Rhetorical Triangle<\/em><\/p>\n

          In retrospect, the concept of rhetoric was first introduced by Aristotle in the 4th<\/sup> century B.C. when it was coined as \u201cRhetorica\u201d in its Greek origin which means the \u201cart of persuasion\u201d (Mshvenieradze, 2013). Being integrated into the discourse context, Aristotle\u2019s rhetoric operates at three major levels triangulating the argumentative context and constituting the Aristotelian Triad. These levels are: Logos, Ethos, and Pathos (Murthy & Ghosal, 2014). While these components complement each other is fostering persuasion and manipulation within a given scope, each element functions at a different level.<\/p>\n

          According to Nurrosyidah (2016), logos is a pivotal component of rhetoric within which persuasion and manipulation are established through reasoning, logical arguments, and factual data. It contributes to influencing the audience\u2019s behavior through strengthening the speaker\u2019s argument and fostering credibility. However, Aristotle\u2019s ethos operates at the level of trustworthiness, emphasizing the power of the speaker\u2019s identity and position in gaining the audience\u2019s trust, and accordingly, establishing persuasion and manipulation (Perloff, 2003). Finally, \u201cAristotle\u2019s \u2018Rhetoric\u2019 Pathos is the power with which the writer\u2019s (speaker\u2019s) message moves the audience to his or her desirable emotional action \u2026 It is important to know not only how the orator can express but how he or she can by help of discourse cause favorable emotions, like anger, insult, empathy, fear, confusion, etc.\u201d (Amossy, 2000, p. 178). All in all, combining these components under the umbrella of Aristotle\u2019s Triad means that the writer\/speaker strategically varies the use of logic, emotions, and trustworthiness to demonstrate rhetorical influence and manifest the power of persuasion.<\/p>\n

          In light of the illustrated theoretical framework, this study adopted the Aristotelian Triad to investigate how scammers deploy its components to deceive their victims. Through this study, the researcher approached the studied corpus through a critical analytical lens attempting to highlight the major rhetoric device underlying deception and fraud in scam job offers. This provided a robust theoretical background portraying the linguistic and communicative strategies underlying e-fraud as a serious matter hindering cybersecurity.<\/p>\n

          Results and Discussion<\/strong><\/p>\n

          Identifying Deception Indicators in Scam Job Offers Compared to Genuine Ones<\/em><\/p>\n

          To uncover the diverse deception indicators characterizing e-fraud in scam job offers, the researcher conducted a comparative digital textual analysis in which scams and authentic offers were explored. The analytical process primarily involved examining word occurrences through investigating frequency hits and concordance lines. Besides, n-grams and collocates in each corpus were studied and juxtaposed to illustrate the lexical and semantic features distinguishing scam job offers from genuine ones.<\/p>\n

          In this context, the researcher randomly selected some keywords and investigated their frequency of occurrence in each corpus. One search term was \u2018friend*\u2019<\/em> as it provides insights into the degree of formality\/informality in each of the studied job offers. As displayed in Table 1<\/strong>, the term \u2018friend*\u2019<\/em> yielded 0 hits in the corpus of genuine job offers and 7 hits in the context of scam job offers. This shows that the degree of formality is poor in scams as scammers lack the skills needed to professionally communicate with recipients regarding recruitment matters.<\/p>\n\n\n\n\n
          <\/td>\n<\/td>\n<\/td>\n<\/td>\n<\/tr>\n
          <\/td>\n<\/td>\n<\/td>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

          Similarly, in the case of the search term \u2018CV\u2019<\/em>, the obtained results asserted the lack of professionalism in scam job offers. As shown in Table 2<\/strong>, the search term \u2018CV<\/em>\u2019 returned 0 concordance hits in the corpus of scam job offers, while 16 hits were obtained at the level of authentic offers. The fact that real recruitment offers require the receivers to share their Curriculum Vitae (CV) to assess their eligibility based on their career summary serves as a pivotal indicator of the flaws of scam offers. Therefore, the absence of the term \u2018CV\u2019<\/em> together with the presence of informal language such as \u2018friend*\u2019<\/em> function as a lucid indicator of the inauthenticity and deception in scam job offers.<\/p>\n\n\n\n\n
          <\/td>\n<\/tr>\n
          <\/td>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

          Moreover, in terms of respecting the receiver\u2019s privacy, authentic job offers are rarely expected to require the receiver to share personal information. Conversely, scammers tend to hunt on sensitive data, therefore, their offers are expected to drive the receiver to fall into their trap by sharing personal data. This is further asserted through investigating the search term \u2018contact address\u2019<\/em> in both corpora. Table 3<\/strong> shows that 0 hits were obtained in the context of genuine offers while 7 hits appeared in the corpus of scam recruitment offers. Therefore, inquiring about personal information is another indicator of deception characterizing scam job offers as a critical form of e-fraud.<\/p>\n\n\n\n\n\n\n
          <\/td>\n<\/td>\n<\/td>\n<\/td>\n<\/td>\n<\/td>\n<\/tr>\n
          <\/td>\n<\/td>\n<\/td>\n<\/td>\n<\/td>\n<\/tr>\n
          <\/td>\n<\/td>\n<\/tr>\n
          <\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

          In a similar \u00a0vein, unlike professional recruiters, scammers usually rely on financial promises to persuade their victims and influence their behavior. This feature is asserted by the search carried out on the terms \u2018pay|paid\u2019<\/em> in AntConc. The findings revealed that this search term yielded 0 hits in the context of genuine offers, while 15 occurrences were reported at the level of scam job offers. This is displayed in Table 4<\/strong>. Similarly, searching for \u2018money\u2019<\/em> as a part of the semantic field of the previous search term asserts the previously obtained results. As shown in Table 5<\/strong>, the search term \u2018money\u2019<\/em> returned 0 hits in the corpus of authentic offers while 8 hits were obtained in scams. Thus, this serves as another critical indicator differentiating genuine offers from scams.<\/p>\n\n\n\n\n
          <\/td>\n<\/td>\n<\/td>\n<\/td>\n<\/tr>\n
          <\/td>\n<\/td>\n<\/td>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n\n\n\n\n\n\n
          <\/td>\n<\/td>\n<\/td>\n<\/td>\n<\/tr>\n
          <\/td>\n<\/td>\n<\/td>\n<\/tr>\n
          <\/td>\n<\/td>\n<\/tr>\n
          <\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

          In line with the illustrated concordances, investigating collocates also provided deep insights into deception indicators characterizing scam job offers. At this level, the researcher explored the company of common terms characterizing job offers and identified their contextual use. For example, the term \u2018dear\u2019<\/em> is a common term in the greeting of emails. However, Table 6<\/strong> shows that despite its presence in both scam and genuine mails, its collocation varied widely. The results showed that the term \u2018dear\u2019<\/em> existed 13 times in each corpus, yet it collocated with professional terms in authentic offers, mainly \u2018recipient\u2019<\/em>, while it had 7 collocations with \u2018friend\u2019<\/em> in scam offers and 6 times with \u2018Sir\u2019<\/em>. This emphasizes the significance of considering both hits and context in exploring the use of any term. In this case, although the term \u2018dear\u2019<\/em> yielded equal number of hits in both corpora, the company it had in authentic offers broadly differed from that in scam offers since the former had a professional collocation while the latter involved instances of informality. Thus, this serves as a critical indicator of deception characterizing scam job offers.<\/p>\n\n\n\n\n
          <\/td>\n<\/td>\n<\/td>\n<\/td>\n<\/tr>\n
          <\/td>\n<\/td>\n<\/td>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

          Proceeding with the scope of collocation, exploring the collocation of \u2018share|send\u2019<\/em> in both corpora yielded significant results. Table 7<\/strong> shows that \u2018share|send\u2019<\/em> existed 20 times in authentic offers and mainly collocated with \u2018CV, further details, etc.\u201d. Besides, the recipient was kindly and professionally invited to share their CV as reflected by the words and phrases such as \u2018please, kindly, I\u2019d be happy to, etc.\u201d.<\/em> Conversely, the search term\/s \u2018share|send\u2019<\/em> returned only 4 hits in scam job offers and did not collocate with professional terms. Instead, recipients were required to share personal information such as \u2018contact address\u2019<\/em>, and the sender seemed to lack professional communicative skills as there are instances of authoritarian commands such as \u2018do send me\u2019 in<\/em> requesting any information from the recipients. Therefore, this presents a lucid demonstration of the professional, communicative, and linguistic flaws characterizing scam job offers and serving as deception indicators within this context.<\/p>\n

          In line with the investigated concordances and collocates, n-grams\/clusters also provide a fertile window into uncovering deception through text mining. To explore frequent lexical characterizing each of the studied corpora, the researcher looked up 3-grams, 4-grams, and 5-grams as a sample of the recurrent linguistic patterns occurring in scam and genuine job offers. Table 8 <\/strong>displays the reported findings. As shown in Table 8<\/strong>, the top 10 frequencies of the studied n-grams in genuine job offers mainly include identifying information, salutations, and email closing such as \u2018company name, dear recipient name, forward to hearing from you, etc.\u201d<\/em>. This type of information is usual in professional recruitment offers.<\/p>\n\n\n\n\n
          <\/td>\n<\/tr>\n
          <\/td>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n\n\n\n\n
          <\/td>\n<\/tr>\n
          <\/td>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

          Nevertheless, investigating the first 10 frequencies in scam job offers revealed uncommon patterns for the studied n-grams. These patterns included \u2018canada america and, america and europe, who can help, etc.\u2019<\/em>. The obtained results in terms of 3-grams, 4-grams, and 5-grams served both a quantitative and qualitative function. The reported frequencies and the displayed rank of recurrent patterns defined word sequences and occurrences in each corpus. Besides, the carried-out comparison illustrated the linguistic content and collocations differentiating scam offers from genuine ones. Therefore, through this analysis of n-grams, the frequent linguistic patterns and collocational clusters of scam job offers were differentiated from authentic ones, serving as a lucid indicator of deception.<\/p>\n

          Drawing on the findings brought forth by the conducted comparative text mining analysis, it is revealed that words\u2019 hits, frequencies, collocations, and clustering patterns provide detailed insights into identifying deception indicators. Compared to genuine job offers, scam offers lack professionalism and often violate professional ethical standards mainly by disrespecting privacy concerns. Besides, the unrealistic financial promises also serve as clear indicators of deception and e-fraud. At the level of collocates, the formal context of authentic offers compared to the informality displayed in the context of scams also functions as a critical feature differentiating real offers from scams. Moreover, the analysis of selected n-grams revealed the lexical patterns and clusters characterizing scam recruitment offers. Together, these features function as critical indicators of deception.<\/p>\n

          A Forensic Stylometric Analysis of Scam Versus Authentic Recruitment Offers<\/em><\/p>\n

          In line with the conducted text mining, the researcher also delved into stylometric analysis as a critical investigative procedure characterizing forensic linguistic analysis. Grounded in corpus linguistics, stylometry is a computational tool through which e-fraud is effectively investigated within the realm of forensic linguistics. Through the conducted stylometric analysis, the researcher explored the style of scam job offers and compared it to that of genuine ones. This provided insights into the diverse style markers distinguishing authentic offers from scams in terms of the sentence length and punctuation patterns. As illustrated before, only the email body was considered at this level to avoid any algorithmic errors in identifying real linguistic sentences due to line breaks.<\/p>\n

          In terms of the sentence length, Figure 1<\/strong> shows the variation between genuine and scam job offers. While the y-axis denotes the sentence count, the x-axis represents the number of words contained in each sentence. This is briefly clarified below:<\/p>\n

          X-axis= the number of words in each sentence<\/p>\n

          Y-axis= the number of sentences corresponding to the word counts displayed on the X-axis<\/p>\n\n\n\n\n
          <\/td>\n<\/tr>\n
          <\/td>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

          Signature Stylometric System (1.0)<\/em> measures sentence length according to the number of words making up a sentence. Besides, for a string of words to be counted as a sentence, it should end with a period, a question mark, or an exclamation mark. Signature Stylometric System (1.0)<\/em> follows this punctuation convention in detecting sentences. Accordingly, Figure 1<\/strong> shows that the selected corpus of genuine job offers consists of 155 sentences while that of scam job offers includes 121 sentences. At the level of genuine job offers, the graph portrays that the majority of sentences (20 sentences) often include 14 words\/sentence, which is a linguistically appropriate length of a sentence in the email context. In addition, the graph reveals that the sentence length in this dataset mainly ranges between 2 to 33 words\/sentence, showing a usual and logical distribution in natural written discourses, mainly in the email context. Moreover, this reflects the regularity and homogeneity among sentences, offering a smooth flow of meaning and enhancing the communicative purpose of the shared message.<\/p>\n

          On the other hand, scam job offers involve an atypical word count making up sentences. As reflected in Figure 1<\/strong>, sentences\u2019 length in the context of scam job offers oscillates between two divergent points, particularly, 1 to 63 words\/sentence. This vast span mirrors the lack of consistency and homogeneity among sentences, showing their poor linguistic structure. Besides, having 2 occurrences of 1-word sentences reflects issues either in structure or in punctuation which are serious flaws characterizing scam offers. Moreover, the presence of 48-word, 53-word, and 63-word sentences together with 1-word and 2-word sentences in the same dataset mirrors poor regularity and lack of professionality as two critical features characterizing the style of scams. Therefore, unlike genuine job offers emails which adhere to proper linguistic standards and involve a homogenous distribution of sentences, scams lack the proper linguistic style needed in constructing a balanced, consistent, and communicative context due to the irregular variation and poor consistency in sentence length.<\/p>\n

          In line with the sentence length, punctuation patterns also serve as pivotal style markers distinguishing genuine job offers from scams. As displayed in Figure 2<\/strong>, the studied corpus of genuine job offers includes 279 punctuation marks, with a variety of types, particularly, 135 periods, 11 exclamation marks, 9 question marks, 103 commas, 0 semicolons, 5 colons, 12 dashes, and 2 pairs of brackets. Linked to the aforementioned analysis of sentence numbers and length, the distribution of commas shows harmony with the average sentence length. Also, the sum of periods, exclamation marks, and question marks denoting the end of sentences is: 135+11+9=155. This sum matches the total number of sentences displayed in Figure 1<\/strong>, which asserts that no flaws or errors exist in the studied dataset.<\/p>\n

          Figure <\/strong>2<\/strong><\/p>\n

          Punctuation frequencies in genuine and scam job offers<\/em><\/p>\n

          However, although the corpus of scam job offers includes a variety of punctuation marks, their distribution involves some errors and the sum of periods, exclamation marks, and question marks showing sentence endings does not match the total number of sentences displayed in Figure 1<\/strong>. In specifying the displayed punctuation marks, Figure 2<\/strong> shows that the corpus of scam job offers includes 115 periods, 1 exclamation mark, 0 question marks, 110 commas, 0 semicolons, 14 colons, 3 dashes, and an odd number of brackets, i.e., 13 left brackets and 14 right brackets. Starting with sum of sentence ending punctuation marks, the total number of periods, exclamation marks, and question marks denoting sentence endings is: 115+1+0=116. This number (116) does not match the total number of sentences in scam job offers displayed in Figure 1, <\/strong>which is 121. This means that some sentences were left unpunctuated although they were followed by a line break denoting the shift into a new sentence. Additionally, the presence of an odd number of brackets reveals the lack of correctness and accuracy in the investigated dataset. Hence, these are serious errors characterizing scam job offers and acting as style markers differentiating scams from authentic job offers.<\/p>\n

          The Deceptive Strategies of Scam Job Offers as Perceived through the Aristotelian Triad <\/em><\/p>\n

          In addition to the conducted digital and computational analysis, the researcher also carried out theoretical linguistic analysis grounded in Aristotle\u2019s Rhetorical Triangle <\/em>as a theoretical framework. This approach assisted in uncovering deception indicators through a qualitative interpretive lens structured on the use of rhetoric as a persuasive strategy in scam job offers. According to the Aristotelian Triad, <\/em>rhetoric is constructed through ethos, pathos, and logos. At the level of ethos as a central element of trustworthiness, scammers lack the authorized identity needed in establishing reliability and enhancing credibility. Thus, they often invent stories to enforce the power of ethos in establishing persuasion and manipulation. For example, scammers pretend to be representatives of companies, and they often impersonate international and reputable companies to enforce the power of ethos as a critical rhetorical element fostering persuasion. This is displayed in saying \u201cwe are a company who deal on mechanical equipment\u2026, I am Mr. [SPAM_SENDER], managinig director of [COMPANY_NAME]\u2026, I represent [COMPANY_NAME] import and export company\u2026, My name is [SPAM_SENDER], CEO of [COMPANY_NAME] [CITY_NAME]\u2026\u201d. Providing this type of data functions as a significant tool in deceiving the recipients through appearing legitimate and establishing trust with the recipient.<\/p>\n

          In line with fabricated ethos, scammers mainly benefit from emotional appeal as a powerful means of persuasion. At this level, pathos is activated in terms of exaggerated promises and amplified care and interest in the recipient\u2019s skills. In other words, scammers usually rely on fake financial promises to convince their victims of certain operation needed in executing their fraudulent activity. Some instances of these promises include \u201cyou will receive 10% of the total amount, earn 10% of every payment made through you to us, you will receive 5% of whatever amount you clear for the company, etc.\u201d. As these assurances appeal to the victim\u2019s emotions, they are expected to respond to the scammer\u2019s requests, and eventually, fall as victims of e-fraud through sharing personal information or even paying advance fees. Besides, some other instances of pathos are displayed in scammers\u2019 salutations and closings such as \u201cDear friend, yours truly, etc.\u201d. This is a strategic trick used as an icebreaker to implicitly instigate positive emotions in the recipient.<\/p>\n

          At the level of logos, this is poorly displayed in scam job offers compared to other rhetorical elements. Some instances of logos overlap with ethos, manifested in inventing stories and fake numbers to influence the recipient\u2019s behavior. This strategy enhances the credibility and trustworthiness of the scammers and simultaneously provides a logical and reasonable appeal for the recipient. This is displayed in saying \u201cIt is upon this note that we seek your assistance to stand as our representative in your country\u2026, We are one of the fastest growing software company based in\u2026, your basic task will consist of checking emails, processing orders and receiving payments on behalf of [COMPANY_NAME], etc.\u201d. Providing this type of information aligns with the natural procedures and responsibilities of real companies. This serves as a reasonable factor driving the recipients to reply to the scammers\u2019 messages in which they fall into the trap.<\/p>\n

          Therefore, through the lens of the Aristotelian Triad<\/em>, it was illustrated how scam job offers deploy rhetorical components as persuasive strategies enforcing their fraudulent activities. Since e-fraud in this context is practiced via language, it is thus made clear how language is not only a means of communication, but it is also a critical tool through which cybersecurity is either supported or hindered. In deploying ethos, pathos, and logos, scam job offers victimize the recipients and invisibly manipulate their behavior.<\/p>\n

          In light of the conducted digital and theoretical analysis, it is concluded that informality, poor professionalism, privacy disrespect, and exaggerated promises are lucid indicators of deception. In addition, the lack of consistency and poor regularity and homogeneity in sentence length, coupled with the unbalanced and incorrect punctuation patterns, are common flaws distinguishing scams from genuine offers. Besides, the deployment of ethical, emotional, and logical appeal is a common feature characterizing the persuasive strategy of scams.<\/p>\n

          Conclusion<\/strong><\/p>\n

          Throughout the conducted study, the interplay between language, cybersecurity, and e-fraud is demonstrated. The performed text mining processes uncovered different linguistic components serving as deception indicators in scam job offers. Besides, the executed forensic stylometric analysis provided evidence-based insights into the diverse style markers distinguishing scams from genuine offers in terms of their sentences length and punctuation patterns. Identifying these indicators through the lens of forensic linguistics contributes to fostering cybersecurity and limiting the spectrum of language crimes manifested in the realm of e-fraud. In addition, the adoption of the Aristotelian Triad <\/em>supported the conducted digital analysis showing that scammers often deploy ethos, pathos, and logos as critical rhetoric elements contributing to manipulating the victims\u2019 behavior and fostering persuasion. Building on the unveiled deception indicators, this study responded to a serious issue impeding digital users\u2019 experience in the cyberworld. This offered a crystallized demonstration of the power of language and the effectiveness of forensic linguistics in resolving real-life issues and assisting the justice through detecting cyber fraud. Hence, this study extends beyond the traditional scope of language, touching on a serious language crime and offering clear insights into the different indicators distinguishing genuine job offers from scams. This contributed to supporting cybersecurity as a substantial matter indispensable in today\u2019s cyberspace.<\/p>\n

          References<\/strong><\/p>\n

          Ahmed, H. (2021). The role of forensic linguistics in crime investigation: Uses in legal proceedings. Anglisticum Journal (IJLLIS)<\/em>, 10<\/em>(2), 23-31. https:\/\/doi.org\/10.5281\/zenodo.4609333<\/a><\/p>\n

          Ali, J. (2020). Forensic linguistics: A study in criminal speech acts. BSU International Journal of Humanities and Social Science, 2<\/em>(1), 39-65.<\/p>\n

          Amossy, R. (2000). L\u2019Argumentation dans le discours. Paris: Nathan Univertsty.<\/p>\n

          Anthony, L. (2004). AntConc: A Learner and Classroom Friendly, Multi-Platform Corpus Analysis Toolkit<\/em>. IWLeL 2004: An Interactive Workshop on Language e-Learning, pp. 7- 13.<\/p>\n

          Anthony, L. (2020). AntConc (Version 3.5.9) [Computer Software]. Tokyo, Japan: Waseda University. https:\/\/www.laurenceanthony.net\/software\/antconc\/releases\/AntConc359\/AntConc_64 bit.exe<\/a><\/p>\n

          Ariani, M., Sajedi, F., & Sajedi, M. (2014). Forensic linguistics: A brief overview of the key elements. Procedia- Social and Behavioral Sciences, 158<\/em>, 222-225.<\/p>\n

          Creswell, J. W. (2014). Research design: Qualitative, quantitative, and mixed methods approaches <\/em>(4th ed.). Sage Publications.<\/p>\n

          Dzomira, S. (2014). Electronic fraud (cyber fraud) risk in the banking industry, Zimbabwe. Risk Governance & Control: Financial Markets & Institutions, 4(<\/em>2), 16-26.<\/p>\n

          Dusane, S. (2021). Forensic linguistics –\u00a0 An emerging area in law and justice. International Journal of Law Management & Humanities, 4<\/em>(3), 5170-5179. https:\/\/doij.org\/10.10000\/IJLMH.111118<\/a><\/p>\n

          Fromkin, V., Rodman, R., & Hyams, N. (2014). An introduction to language<\/em>. Boston: Wadsworth.<\/p>\n

          Galinec, D., Mo\u017enik, D., & Guberina, B. (2017). Cybersecurity and cyber defence: national level strategic approach. Automatika, 58<\/em>, 273 – 286. https:\/\/doi.org\/10.1080\/00051144.2017.1407022<\/a>.<\/p>\n

          Geeta, D. V. (2011). Online identity theft-an Indian perspective. Journal of Financial Crime, 18<\/em>(3), 235-246. Emerald Group Publishing Ltd.<\/p>\n

          Guillen-Nieto, V., Vargas-Sierra, C., Pardino-Juan, M., Martinez-Barco, P., & Suarez-Cueto, A. (2008). Exploring state-of-the-art software for forensic authorship identification. IJES, 8<\/em>(1), 1-28.<\/p>\n

          Ham, J. (2021). Toward a better understanding of \u201ccybersecurity\u201d. Digital Threats: Research and Practice, 2<\/em>(3), 1-3. https:\/\/doi.org\/10.1145\/3442445<\/a>.<\/p>\n

          Kolupuri, S., Paul, a., Bhowmick, R., & Ganguli, I. (2025). S<\/strong>cams and frauds in the digital age: ML-based detection and prevention strategies. In Proceedings of the 26th International Conference on Distributed Computing and Networking<\/em> (1-6). ACM. http:\/\/dx.doi.org\/10.1145\/3700838.3703672<\/a><\/p>\n

          Kumar, R. (2011). Research methodology: A step-by-step guide for beginners<\/em> (3rd ed.). Sage.<\/p>\n

          Kuzior, A., Tiutiunyk, I., Zieli\u0144ska, A., & Kelemen, R. (2024). Cybersecurity and cybercrime: Current trends and threats. Journal of International Studies, 17(<\/em>2), 220 239. doi:10.14254\/2071-8330.2024\/17-2\/12<\/p>\n

          MacLeod, N., & Wright, D. (2020). Forensic linguistics. In S. Adolphs & D. Knight (Eds)., Routledge handbook of English Language and digital humanities<\/em> (pp. 360-377). Routledge.<\/p>\n

          McMenamin, G. (2002). Forensic linguistics: Advances in forensic stylistics<\/em>. USA: CRC Press.<\/p>\n

          Mijwil, M., Unogwu, O., Filali, Y., Bala, I., & Al-Shahwani, H. (2023). Exploring the top five evolving threats in cybersecurity: An in-depth overview. Mesopotamian Journal of Cyber Security<\/em>, 57-63. https:\/\/doi.org\/10.58496\/mjcs\/2023\/010<\/a>.<\/p>\n

          Momeni, N. (2012). \u2018Fraud in judicial system\u2019 as a language crime: Forensic linguistics approach. Theory and Practice in Language Studies, 2<\/em>(6), 1263-1269. doi:10.4304\/tpls.2.6.1263-1269<\/p>\n

          Mshvenieradze, T. (2013). Logos, ethos and pathos in political discourse. Theory and Practice in Language Studies, 3<\/em>(11), 1939-1945.<\/p>\n

          Murthy, M. L., & Ghosal, M. (2014). A study on Aristotle\u2019s rhetoric. Research Journal of English Language and Literature, 2<\/em>(4), 249-255.<\/p>\n

          National Institute of Standards and Technology. (2018). Framework for improving critical infrastructure cybersecurity <\/em>(Version 1.1) [Technical report]. https:\/\/doi.org\/10.6028\/NIST.CSWP.04162018<\/a><\/p>\n

          Nurrosyidah, H. Y. (2016). Persuasive strategies in Joko Widodo\u2019s political speeches<\/em> [Bachelor\u2019s Thesis, Maulana Malik Ibrahim State Islamic University]. https:\/\/core.ac.uk\/download\/pdf\/44743443.pdf<\/a><\/p>\n

          Obeyd, S. (2021). Research methods in linguistics: An Overview. Studies in Linguistics, <\/em><\/p>\n

          Culture, and FLT, 9<\/em>(1), 54-82. 10.46687\/SILC.2021.v09i01.004<\/p>\n

          Olsson, J. (2004). Forensic linguistics: An introduction to language, crime, and the law<\/em>. New York: Continuum.<\/p>\n

          Perloff, R. M. (2003). The dynamics of persuasion. Communication and attitudes in the 21st century<\/em>. Mahwah, N.J.: Lawrence Erlbaum Associates.<\/p>\n

          Ramezani, F., Khosousi, A., & Moghadam, K. (2016). \u00a0Forensic linguistics in the light of crime investigation. Pertanika Journal, 24<\/em>(1), 375-384.<\/p>\n

          Sakakini, A. (2020). Forensic linguistics: An applied theory. BAU Journal – Society, Culture and Human Behavior, 1<\/em>(2). https:\/\/doi.org\/10.54729\/2789-8296.1022<\/a><\/p>\n

          Shuy, R.W. (2006). Linguistics in the courtroom: A practical guide<\/em>. New York: Oxford University Press.<\/p>\n

          Sousa-Silva, R. (2024). Fighting cyber-malice: A forensic linguistics approach to detecting ai-generated malicious texts. In Proceedings of the 1st International Conference on NLP & AI for Cyber Security <\/em>(pp. 164-174). https:\/\/www.researchgate.net\/publication\/385312304_Fighting_Cyber-malice_A_Forensic_Linguistics_Approach_to_Detecting_AI-generated_Malicious_Texts<\/a><\/p>\n

          Syam, S. (2018). Aspects of forensic linguistics in policing. Language in India, 18<\/em>(12), 100-111.<\/p>\n

          Verizon Business. (2024). 2024 Data Breach Investigations Report. <\/em>https:\/\/www.verizon.com\/business\/resources\/reports\/2024-dbir-data-breach-investigations-report.pdf?utm_source=chatgpt.com<\/a><\/p>\n

          Williams, M. (2001). The language of cybercrime. In D. S. Wall (Ed.), Crime and the Internet<\/em> (pp. 152\u2013166). Routledge.<\/p>\n

          [1]<\/a> \u00a0A PhD student in English Linguistics at the Lebanese University- Doctoral School of Literature, Humanities & Social Sciences<\/p>\n

          \n","protected":false},"excerpt":{"rendered":"

          Forensic Linguistics and Cybersecurity Combined: Investigating E-Fraud through Language \u062f\u0645\u062c \u0627\u0644\u0644\u0651\u0633\u0627\u0646\u064a\u0651\u0627\u062a \u0627\u0644\u062c\u0646\u0627\u0626\u064a\u0651\u0629 \u0628\u0627\u0644\u0623\u0645\u0646 \u0627\u0644\u0633\u0651\u064a\u0628\u0631\u0627\u0646\u064a\u0651: \u0627\u0644\u062a\u0651\u062d\u0642\u064a\u0642 \u0627\u0644\u0644\u0651\u063a\u0648\u064a\u0651 \u0641\u064a \u0627\u0644\u0627\u062d\u062a\u064a\u0627\u0644\u00a0\u0627\u0644\u0627\u0644\u0643\u062a\u0631\u0648\u0646\u064a\u0651 Nidaa Mercel Al Saifi[1] \u0646\u062f\u0627\u0621 \u0645\u0631\u0633\u0644 \u0627\u0644\u0635\u0651\u064a\u0641\u064a \u062a\u0627\u0631\u064a\u062e \u0627\u0644\u0627\u0633\u062a\u0644\u0627\u0645 3\/ 10\/ 2025 \u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 \u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 \u062a\u0627\u0631\u064a\u062e \u0627\u0644\u0642\u0628\u0648\u0644 30\/ 11\/2025 \u0644\u062a\u062d\u0645\u064a\u0644 \u0627\u0644\u0628\u062d\u062b \u0628\u0635\u064a\u063a\u0629 PDF Abstract Within the cyberworld, language is a crucial component through which the entire communicative process …<\/p>\n","protected":false},"author":6,"featured_media":1142,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[47,51],"tags":[63],"class_list":["post-1179","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-47","category-51","tag-63"],"_links":{"self":[{"href":"https:\/\/www.al-manafeth.com\/index.php?rest_route=\/wp\/v2\/posts\/1179","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.al-manafeth.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.al-manafeth.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.al-manafeth.com\/index.php?rest_route=\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/www.al-manafeth.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1179"}],"version-history":[{"count":3,"href":"https:\/\/www.al-manafeth.com\/index.php?rest_route=\/wp\/v2\/posts\/1179\/revisions"}],"predecessor-version":[{"id":1202,"href":"https:\/\/www.al-manafeth.com\/index.php?rest_route=\/wp\/v2\/posts\/1179\/revisions\/1202"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.al-manafeth.com\/index.php?rest_route=\/wp\/v2\/media\/1142"}],"wp:attachment":[{"href":"https:\/\/www.al-manafeth.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1179"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.al-manafeth.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1179"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.al-manafeth.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1179"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}