Finding phish faster

A new approach to detecting malicious websites, known as phishing sites, is revealed in the International Journal of Internet Technology and Secured Transactions.

Phishing sites can steal personal information such as logins and bank details, breach your privacy, and even enlist your computer and other internet devices into networks of computers to perpetuate themselves or other malware. Links to phishing sites and pages are often embedded in emails and other communications and disguised as legitimate messages from a trusted source, such as one’s bank, utility provider, shop, or other business or organization. They are often very well disguised and even experienced users are occasionally hooked and suckered into clicking such links. Other phishing attacks might exploit hacked websites, banner ads, and even a user misspelling a legitimate website address.

Now, Youness Mourtaji and Mohammed Bouhorma of The University of Abdelmalek Essaadi, in Tangier, Morocco, and Daniyal Alghazzawi of the King Abdulaziz University, in Jeddah, Saudi Arabia, have adopted a hybrid framework that allows them to detect a phishing site or page. A positive detection would then be used to block the link before the user is duped into following the link in their application and their data and connection being compromised.

The team’s tests and comparisons with other approaches show over 99 percent accuracy with the hybrid approach that utilizes both a static and a dynamic detection process. This compares to just over 80 percent accuracy with the static or dynamic processes running alone. The process is a lot faster than at least two well-known antivirus packages that have built-in phishing protection.

Mourtaji, Y., Bouhorma, M. and Alghazzawi, D. (2020) ‘New hybrid framework to detect phishing web pages, based on rules and variant selection of features’, Int. J. Internet Technology and Secured Transactions, Vol. 10, No. 6, pp.740–757.