Phishing URLs are malicious links that cybercriminals use to obtain sensitive information from users by using social engineering techniques. This can include login credentials, employee ID/passwords and credit card numbers.
Detect phishing URLs is a crucial issue for any organization because it can be very damaging to the business. It is important for organizations to ensure that they have a strong security awareness and training program in place.
A phishing URL is a fraudulent website that pretends to be a legitimate website, luring users into giving out sensitive information and allowing attackers to perform limitless post-exploitation attacks. Fortunately, some email applications have built-in link protection and URL filtering that will compare the URLs a user is trying to access with a list of blocked or malicious ones.
How to Spot a Phishing URL: Tips and Techniques for Staying Safe Online
In this paper, we propose a novel URL phishing detection technique that employs BERT feature extraction and machine learning algorithms to identify phishing web pages. This enables the system to make a rapid decision and reduces the time required for feature extraction, classification, and final output generation.
Features That Define a Phishing Website
In the first stage of phishing webpage detection, we extract 14 features from benign and phishing webpages to train the model. These features include number of slashes in the URL, length of the URL, dot in the host name of the URL, top level domain does not exist and keyword in the path portion of the URL. The resulting heuristics are used for association rule mining to identify the legitimate and phishing webpages.