One of your employees clicks on an email they believe came from their bank. Next thing you know your whole system is encrypted and a ransom is being demanded to decrypt the system. This is a phishing attack and is prevalent in today's technological ecosystem. This is why a tool that someone can use, but also learn from is needed.
My approach for this project is to create a program that indicates to a user if a email/text is a phishing attempt or not based on features of the email/text that the user will provide.
I will program the tool in Python. The program will start, and an interface will pop up to make it user friendly. The initial statement on the interface would be "is this a text or email?". This is because there would be different things to look for in each. After the user selects one of the options the interface will walk the user through a sort of checklist of potential features of an email/text until they arrive at the end. When the user arrives at the end the program will display whether this is a phishing attempt or not based on machine learning and what the next steps should be for the individual if this is indeed a phishing attempt.
To get scikit-learn:
pip3 install scikit-learn
After the modules are installed, successfully, run the following command in the directory with the files to start the program.
python main.py
- Phishing.org "Phishing Examples" phishing.org, https://www.phishing.org/phishing-examples. Accessed 20 Feb 2023.
- Hook Security "Phishing Email Examples." hooksecurity.co, https://www.hooksecurity.co/phishing-email-examples. Accessed 15 Feb 2023.
- Federal Trade Commission Consumer Advice "How to Recognize and Report Spam Text Messages." https://consumer.ftc.gov/articles/how-recognize-and-report-spam-text-messages. Accessed 18 Feb 2023.
- Verizon "Smishing & spam text messages" https://www.verizon.com/about/account-security/smishing-and-spam-text-messages. Accessed 19 Feb 2023.