Abstract

Phishing is a cyber threat where attackers create deceptive websites or emails to exploit individuals for fraudulent purposes such as providing sensitive information like usernames, passwords, or financial details. Hence, detecting phishing emails is of paramount importance to protect sensitive information, preventing financial losses, protecting against identity theft, and maintaining trust. This study employs machine learning techniques to classify and categorize websites that are used for phishing attacks. To achieve this, we proposed a classification model for the detection of phishing domains based on classification rules. These rules were formulated based on analyzing and distributing them into three classifiers: domain name features, search engine opinion (SEO) information of the domain, and security scans by security vendors. A total of eleven classification rules were formulated which were distributed as follows: six rules for the first classifier, four rules for the second classifier, and one rule for the third classifier. Each classifier feeds its results to the main classifier, which then evaluates the received results based on its rules. Domain names from 222 confirmed phishing URLs were used to test the suggested model. The model demonstrated exceptional performance, achieving an impressive accuracy rate of 99.1% during testing.