PHISHING URL DETECTION A REAL-CASE SCENARIO THROUGH LOGIN URLS

Abstract

Phishing attacks, where malicious actors attempt to deceive users into divulging sensitive information through fake websites, have become a significant cybersecurity threat. One common tactic is to create fake login pages that mimic legitimate websites to steal user credentials. This study focuses on the detection of phishing URLs in real-case scenarios, specifically through the analysis of login URLs. Phishing attacks have evolved to become more sophisticated, making it challenging for users to distinguish between legitimate and fake websites. Phishers often use login pages of popular services, such as banking, email, and social media platforms, to lure victims into revealing their login credentials. Detecting these phishing URLs is crucial to protecting users from identity theft, financial loss, and unauthorized data access. In this research, a methodology is proposed to detect phishing URLs in real-case scenarios, with a specific emphasis on login URLs. The methodology combines machine learning techniques, web content analysis, and URL characteristics assessment. Features such as domain similarity, SSL certificate validity, page content analysis, and URL structure are utilized to determine the likelihood of a URL being a phishing attempt.