Phishsniper - Smart Phishing Link Detector

Abstract

(in 250 words) with our lives in the digital age, daily life is experienced online cybersecurity has taken center stage. Phishing attacks are common with the rise of internet usage and are threats to cybersecurity. Phishers have been able to trick users into divulging sensitive information. Phishing attacks via emails have become more common and harder to identify. There is a huge requirement for an intelligent, automatic solution to identify and warn users of the phishing links. The attacker impersonates as reliable and sends false messages regularly via Email. The user clicks on such spammy links leading the user to imitative website. This research presents Phishsniper a phishing link detection system that well protects email users. It is created in a way that it checks the inbox of users through authenticated APIs. It picks up and examines in-embedded URLs for phishing signs such as incorrectly spelled domains, stealthy redirects, usage of IP addresses etc. It also validates URLs through authenticated threat intelligence APIs. Our design is a proactive firewall against web threats. It integrates smart URL analysis with AI-driven detection algorithms and threat intelligence feeds from multiple sources. Collectively these ingredients actively work to detect malicious links, notifying users so they can steer clear of being victimized by fraud. This article examines PhishSniper\'s design, implementation, test results, and potential future enhancements.

Introduction

Email remains one of the most common forms of digital communication but is also a primary target for phishing attacks that lead to data breaches and financial losses. To combat this, the study presents PhishSniper, an intelligent phishing link detection system that protects users by automatically analyzing URLs embedded in emails. Unlike traditional pattern-matching techniques, PhishSniper leverages machine learning (ML), deep URL feature analysis, and real-time threat intelligence to identify evolving phishing attempts accurately.

The literature review highlights advancements in phishing detection, including multimodal graph learning (Kavya & Sumathi, 2022), NLP-based email analysis (Salloum et al., 2022), and machine learning classifiers such as SVM, Random Forest, and Gradient Boosting. Prior systems like PhishStorm and PhishNet emphasize real-time URL analysis and proactive blacklisting, demonstrating the growing trend toward adaptive, intelligent detection mechanisms.

The methodology of PhishSniper involves five main stages:

1. Data Collection – Balanced phishing and legitimate URLs sourced from repositories like PhishTank and UCI ML Repository.

2. Feature Extraction – Lexical and structural URL attributes (e.g., length, HTTPS presence, special characters, domain age).

3. Preprocessing – Normalization, label encoding, and dataset splitting (80:20).

4. Model Training – ML algorithms (Logistic Regression, Decision Tree, Random Forest, SVM, Gradient Boosting) trained with cross-validation.

5. Evaluation – Performance assessed via accuracy, precision, recall, F1-score, and ROC-AUC metrics.

Results show that Random Forest and Gradient Boosting achieved the best performance, offering high recall and precision with minimal false positives. Key predictors included URL length, missing HTTPS, and IP-based domains—typical of phishing attempts. The prototype dashboard visually reports detection results and enables rescanning or ML model selection.

Future work envisions expanding PhishSniper into real-time plugins for Gmail or Outlook, incorporating NLP for email content analysis, threat intelligence integration for live validation, and developing browser extensions for web-based protection.

Conclusion

PhishSniper employs URL analysis, machine learning, and real-time threat data to identify phishing links in emails. Our study shows that this system can more accurately detect phishing attempts than traditional methods, providing better protection against evolving threats. In the future, its capabilities will improve by incorporating features to check email attachments and optimizing its performance for larger systems. Overall, PhishSniper offers a strong solution for addressing the growing challenge of phishing in email security.

References

[1] S. Kavya, D. Sumathi, \"Multimodal and Temporal Graph Fusion Framework for Advanced Phishing Website Detection\", IEEE Access, vol.13, pp.74128-74146, 2025. [2] S. A. Salloum, T. Gaber, S. Vadera, and K. Shaalan, \"A systematic literature review on phishing email detection using natural language processing techniques,\" IEEE Access, vol. 10, pp. 65703–65727, Jun. 2022, doi: 10.1109/ACCESS.2022.3183083. [3] F. Jáñez-Martino, R. Alaiz-Rodríguez, V. González-Castro, E. Fidalgo, and E. Alegre, \"A review of spam email detection: analysis of spammer strategies and the dataset shift problem,\" Artif. Intell. Rev., vol. 56, no. 2, pp. 1145–1173, Feb. 2023, doi: 10.1007/s10462-022-10195-4. [4] R. A. A. Helmi, C. S. Ren, A. Jamal, and M. I. Abdullah, \"Email Anti-Phishing Detection Application,\" in Proc. 9th IEEE Int. Conf. System Eng. Technol. (ICSET), Shah Alam, Malaysia, Oct. 2019, pp. 1–6, doi: 10.1109/ICSET.2019.8906316. [5] O. K. ?ahingöz, E. Buber, Ö. Demir, and B. Diri, \"Machine learning based phishing detection from URLs,\" Expert Systems with Applications, vol. 117, pp. 345–357, 2019, doi: 10.1016/j.eswa.2018.09.029. [6] R. Brindha, S. Nandagopal, H. Azath, V. Sathana, G. P. Joshi, and S. W. Kim, \"Intelligent deep learning based cybersecurity phishing email detection and classification,\" Computers, Materials & Continua, vol. 74, no. 3, pp. 5901–5914, 2023. [Online]. Available: https://doi.org/10.32604/cmc.2023.030784. [7] A. C. Bahnsen, I. Torroledo, L. D. Camacho, and S. Villegas, \"DeepPhish: Simulating Malicious AI,\" in Black Hat Europe 2018, London, UK, Dec. 2018. [8] S. Marchal, J. François, R. State, and T. Engel, \"PhishStorm: Detecting phishing with streaming analytics,\" IEEE Transactions on Network and Service Management, vol. 11, no. 4, pp. 458–471, Dec. 2014, doi: 10.1109/TNSM.2014.2377295 [9] J. Zhang, J. Hong, and L. Cranor, \"PhishNet: Predictive Blacklisting to Detect Phishing Attacks,\" IEEE Security & Privacy, vol. 5, no. 6, pp. 19–27, Nov.–Dec. 2007 [10] R. Verma and A. Das, \"Phishing Email Detection Using Machine Learning Techniques,\" in Proc. IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), May 2017.

Copyright

Copyright © 2025 Sachin Kolekar, Vedant Mishra, Monika Matkar, Shreeviraj Matale, Ishaan Mhalgi, Mazen Adel Mohammad, Ishran Sohail. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.