An Intelligent Tool for Detection of Phishing Messages

Abstract

Phishing messages are a common attack on the web that results in the theft of user information. Finding a solution for this problem is a difficult task because phishers are very creative, and often it is hard even for a human to differentiate between legitimate and malign content. The goal of this project was to develop an intelligent tool for phishing detection that integrates only local information (the full content of the message) and does not rely on external (usually commercial) sources or black lists. The major focus of this paper is the selection of appropriate features to discriminate between ordinary and phishing messages and the choice of an efficient classifier. The system can dynamically update the feature list and quickly adapt to new trends of phishing attacks. The proposed tool is suitable for implementation in email accounts or any other social network or communication channel. It is intended to reduce the workload on human experts that otherwise need to go through hundreds of messages everyday to verify their authenticity.