phishing website test can steal personal information such as usernames, passwords and credit card details. They usually have a form for users to enter this data which is then passed on to attackers. Therefore, the detection of phishing website is an important task for online security. This article aims to identify some of the key indicators of a phishing website so that preventative measures can be put in place.
Domain Reputation Metrics: Tracking Performance and Progress
Using a combination of feature selection and machine learning classifiers, the authors developed an intelligent ensemble approach for phishing website identification. Using this method, the authors were able to achieve a classification accuracy of 95% and an area under the curve of 98.8%. This result outperformed previous work on phishing website testing by an impressive margin.
Suspicious Form Link Action
Phishers use fake websites to steal user data and passwords. To do this, they copy the source code of a real website and add some malicious codes to make it look like a phishing site. One of the signs of a phishing website is when the form> tag contains external links or PHP files. Therefore, this feature evaluates the value of the action field of the form> tag and checks whether it has a null or empty value.
Internal Hyperlink ratio
Most phishing sites have lots of external hyperlinks while official websites have a small number of them. To differentiate a phishing website from a legitimate one, this feature uses the ratio of the number of hyperlinks that point to foreign domains to the total number of links in the source code. If the ratio is high, it is likely that the site is a phishing website.