Phish Muzzle: This Fish Won’t Bite

Published in Masters thesis, University of California Los Angeles (ProQuest Dissertations Publishing 2017), 2017

[Website]

Abstract

Phishing as an attempt to obtain sensitive information from users using deceitful methods. Email Phishing is done using email as the method of delivery for the attack and targeted email phishing or Business Email Compromise (BEC) are more difficult to detect as they cannot be detected by regular spam filters. Difficulty of detection makes targeted email phishing one of the hardest problem to solve. We present a new method to detect email spear phishing attacks using a method that is less taxing on the machine resource as compared to a spam filter which uses machine learning. We have implemented the scheme as a plugin to outlook and report our performance and effectiveness based on CSDMC2010 SPAM, Enron and Spam Assassin dataset with a total of 25,834 spam emails and 41,320 ham emails.