Lexical URL Analysis for Discriminating Phishing and Legitimate E-Mail Messages
Faculty of Computing, Health and Science
School of Computer and Security Science / Security Research Centre (secAU)
Phishing emails contain socially engineered messages to lure victims into performing certain actions, such as clicking on a URL where a phishing website is hosted, or executing a malware code. In a previous study, we proposed a lexical URL analysis approach for detecting phishing websites. In this study, we extend the approach to the phishing email classification domain. The primary motive behind this study is that most phishing email messages contain URLs that point to phishing websites, and lexically analyzing the URLs can enhance the classification accuracy of email messages. As evaluated in this study, the addition of URL lexical analysis in phishing email classification is effective and results in a highly accurate anti-phishing email classifier.