Volume-3,Issue3,March2025 International Journal of Modern Science and Research Technology
ISSN NO-2584-2706
Detecting Phishing in Text Messages
Vanshika Sharma, Srishti Verma, Aman Singh, Dr. Tanu Gupta
Abstract:
Now a day there is a lot of data security
issues. Hackers are now very much expert
in using their knowledge for hack into
someone else’s system and grab the
information. Phishing is one such type of
methodologies which are used to acquire
the information. Phishing is a cyber
crime in which emails, telephone, text
messages, personally identifiable
information, banking details, credit card
details, password is been targeted.
Phishing is mainly a form of online
identify theft. Social Engineering is
being used by the phisher to steal
victim’s personal data and the account
details. This research paper gives a fair
idea of phishing attack, the types of
phishing attack through which the attacks
are performed, detection and prevention
towards it.
Introduction:
Phishing is the act of attempting to payoff
information such as username, password
and credit card details as a trustworthy
entity in an electronic communication.
Communication purporting to be from
popular social websites, auction sites,
online payments process or IT
administrator is commonly used to lure
the unsuspecting public. Phishing emails
may contain links to websites that are
infected with malware.
Phishing is an example of Social
Engineering. Phishing is mainly used in
email hacking, in email phishing the
hacker send a link via mail to the user of
let’s say some bank details or any
personal information, so now the user goes
to that link and fills all the detail in that
link and then the hacker gets all the
information of the user. This is how
phishing is done.
IJMSRT24MAR044 www.ijmsrt.com
DOI: https://doi.org/10.5281/zenodo.15113088
Related work:
SMS phishing, also known as smishing. It
is a deceptive practice that tricks
individuals into revealing sensitive
information through fraudulent SMS
messages. Attackers use various
techniques such as impersonation, fake
promotions, malicious links, and urgent
requests to manipulate victims into
clicking phishing links or sharing
confidential data. Smishing is a growing
cybersecurity threat, targeting financial
institutions, businesses, and individuals
worldwide.Several studies have explored
machine learning approaches for detecting
phishing SMS. Researchers have
employed classification models such as
Support Vector Machine (SVM), Naïve
Bayes (NB), Random Forest (RF), and
XGBoost to distinguish phishing SMS
from legitimate messages. Feature
extraction techniques such as TF-IDF,
Word2Vec, and GloVe embeddings have
been widely used to enhance model
performance.
Gupta et al. (2020) demonstrated that
Random Forest achieved higher accuracy
than SVM when using TF-IDF features.
Similarly, Sharma et al. (2021) compared
Logistic Regression and XGBoost,
showing that GloVe-based features
improved classification accuracy.
However, short text length and lack of
contextual information in SMS remain
major challenges in phishing detection.
Additionally, researchers have
experimented with dimensionality
reduction techniques such as PCA to
optimize feature representation and
improve classification efficiency.
Despite these advancements, challenges
such as evasive phishing techniques,
multilingual SMS phishing, and
adversarial attacks require further research.
335
Volume-3,Issue3,March2025
Our study builds upon existing work by
evaluating SVM and XGBoost classifiers
using GloVe and GloVe + PCA feature
International Journal of Modern Science and Research Technology
ISSN NO-2584-2706
extraction to improve SMS phishing
detection.

Proposed methodology: embedding technique is used to make

In this research, we use nltk, numpy ,
pandas , scipy, gensim,scikit-learn,spacy
that is a library in Python for machine
learning model development . It has a
toolset for data preparation, such as word
tokenization , and word embedding . The
word tokenization technique is used for
taking text inputs into sequential data as
index values of the words. The word
.
more dimension of sequence into vector.
After data preparation process, we train the
model based on SVM, LOGISTIC
REGRESSION, RANDOM FOREST,
XGBoost algorithms. Then, we evaluate
the performance of the models and
compare their performance with the model
based of machine learning algorithms. The
working flow of the framework

Dataset Extracting the

Data Cleaning

Feature Engineering

Model Building using

Naïve Bayes technique

Ham
Model

Prediction
Spam

 Dataset Collection: Gather a  Data Cleaning: Convert text to

dataset containing SMS messages lowercase. Remove special
labeled as phishing (spam) and characters, numbers, and
legitimate (ham). unnecessary symbols. Remove
 Extracting the Data: Load and stopwords and apply tokenization.
preprocess the dataset to make it
suitable for further processing.

IJMSRT24MAR044 www.ijmsrt.com 336

DOI: https://doi.org/10.5281/zenodo.15113088
Volume-3,Issue3,March2025 International Journal of Modern Science and Research Technology
ISSN NO-2584-2706
 Feature Engineering: Convert text  Model Evaluation: Assess the
data into numerical format using model performance using
feature extraction techniques. Use evaluation metrics such as
TF-IDF, GloVe embeddings, or accuracy, precision, recall, and F1-
PCA for dimensionality reduction. score.

 Model Building: Train machine  Prediction: Deploy the trained

learning models for classification. model to classify incoming SMS
Use algorithms such as Support messages as ham (legitimate) or
Vector Machine (SVM) and spam (phishing).
XGBoost.

Datasets which include text and number in

In this experiment, we use a SMS different length of sentences. All
spam dataset proposed by records in this dataset already
mohitgupta-1O1/Kaggle-SMS- labeled. The spam messages are
Spam-Collection-Dataset. labelled as 1 (747 records) and the
This dataset consists of normal messages are labelled as 0
approximately 5,574 records. It (4,825 records). The example of the
contains SMS text messaging dataset illustrated.
conversations in English language,

IJMSRT24MAR044 www.ijmsrt.com 337

DOI: https://doi.org/10.5281/zenodo.15113088
Volume-3,Issue3,March2025 International Journal of Modern Science and Research Technology
Models and Algorithms Used:
1. Support Vector Machine (SVM)
SVM is a powerful supervised learning
algorithm that works by finding the
optimal hyperplane to separate different
classes.It is effective for high-dimensional
text data.It uses the kernel trick to
transform non-linearly separable data into
a higher-dimensional space.
 Advantage: Works well with small to
medium-sized datasets and handles text
classification efficiently.
 Limitation: Computationally expensive
for large datasets.
2. Naïve Bayes (NB):
Naïve Bayes is a probabilistic classifier
based on Bayes' theorem with an
assumption of independence between
features.Commonly used for spam
detection due to its simplicity and
efficiency.Uses term frequency and
conditional probabilities to classify SMS
messages.
 Advantage: Fast and performs well
even with small datasets.
 Limitation: Assumption of feature
independence may not always hold in
real-world text data.
3. Random Forest (RF):
Random Forest is an ensemble learning
method that combines multiple decision
trees to improve classification
accuracy.Works by aggregating
IJMSRT24MAR044
DOI: https://doi.org/10.5281/zenodo.15113088
ISSN NO-2584-2706
predictions from multiple trees to reduce
overfitting.Suitable for handling non-linear
relationships in data.
 Advantage: Provides high accuracy and
robustness to noisy data.
 Limitation: Can be computationally
expensive and slow for very large
datasets.
4. Logistic Regression (LR):
Logistic Regression is a linear model used
for binary classification tasks.Computes
the probability of an SMS being phishing
or legitimate using the sigmoid
function.Works well when features are
linearly separable.
 Advantage: Simple, interpretable, and
effective for text classification.
 Limitation: May not perform well on
complex, non-linear relationships.
5. XGBoost (Extreme Gradient Boosting)
XGBoost is a boosting algorithm that
improves classification performance by
training weak models iteratively.Uses
gradient boosting to minimize errors and
enhance model accuracy. Handles missing
data and large-scale datasets efficiently.
 Advantage: Highly efficient, scalable,
and outperforms traditional models in
many text classification tasks.
 Limitation: Requires careful
hyperparameter tuning to avoid
overfitting.
www.ijmsrt.com 338
Volume-3,Issue3,March2025
Experiment and Results
This section presents the findings of the
proposed framework in this study. The
experiments evaluate the performance of
different machine learning models,
including SVM, Naïve Bayes, Random
Forest, Logistic Regression, and XGBoost.
The models are analyzed and compared
based on accuracy, precision, recall, F1-
score, and AUC-ROC.
Experiment 1:
Performance Comparison of Machine
Learning Models using GloVe and
GloVe + PCA
International Journal of Modern Science and Research Technology
ISSN NO-2584-2706
In this experiment, we compare the
performance of different machine learning
models, including SVM and XGBoost,
using GloVe and GloVe + PCA
embeddings for phishing SMS detection.
The models are evaluated based on
accuracy, precision, recall, F1-score, and
AUC-ROC. The results indicate that
XGBoost with GloVe + PCA achieves the
highest accuracy, demonstrating its
effectiveness in feature extraction and
classification. The table below presents the
detailed comparison of these models.

Model Accuracy Precision Recall F1- AUC-

Score ROC
SVM (Glove) 0.949776 0.861538 0.746667 0.800000 0.966370
SVM (Glove + 0.937220 0.803030 0.706667 0.751773 0.965406
PCA)
XGBoost 0.964126 0.923077 0.800000 0.857143 0.980197
(Glove)
XGBoost 0.969507 0.946154 0.820000 0.878571 0.981440
(Glove +
PCA)

Experiment 2: strong performance, incorporating PCA

Impact of Feature Extraction on Model
Performance
In this experiment, we analyze the impact
of different feature extraction techniques
on model performance. We compare the
results of models using GloVe and GloVe
+ PCA to assess how dimensionality
reduction affects classification. The results
demonstrate that while GloVe provides
enhances generalization, particularly for
SVM and XGBoost. The table below
summarizes the performance variations.
These findings highlight the effectiveness
of XGBoost in phishing detection and
demonstrate that combining GloVe with
PCA enhances model performance.

Model Accuracy Precision Recall F1-Score AUC-

ROC
SVM 0.949776 0.861538 0.746667 0.800000 0.966366

XGBoost 0.964126 0.923077 0.800000 0.857143 0.980197

SVM + 0.968610 0.945736 0.813333 0.874552 0.975320
XGBoost

IJMSRT24MAR044 www.ijmsrt.com 339

DOI: https://doi.org/10.5281/zenodo.15113088
Volume-3,Issue3,March2025 International Journal of Modern Science and Research Technology
Conclusion:
"In this study, we explored machine
learning approaches for phishing SMS
detection. Our analysis demonstrated that
SVM, Random Forest, XGBoost, Naïve
Byes achieved the highest accuracy using
GloVe-based feature representation. The
results indicate that word embeddings
combined with dimensionality reduction
techniques can improve classification
performance. However, the study was
limited to English-language SMS and a
relatively small dataset. In the future, we
aim to extend this research to multilingual
datasets, deep learning-based approaches,
and real-time phishing detection systems
to enhance security against evolving cyber
threats."
Acknowledgement:
"I would like to express my sincere
gratitude to my supervisor Tanu Gupta, for
their invaluable guidance, constructive
feedback, and continuous support
throughout this research. I am also grateful
to K.R.Mangalam University for providing
the necessary resources and academic
environment to conduct this study.
Additionally, I acknowledge the
contributions of researchers in the field
whose work has inspired and informed my
research."
References:
[1].K. Haynes, H. Shirazi, and I. Ray
(2021). Lightweight URL-based phishing
detection using natural language
processing transformers for mobile
devices. Procedia Computer Science, 191,
127–134.
https://doi.org/10.1016/j.procs.2021.07.04
0
[2].A. Abbasi, D. Dobolyi, A. Vance, and
F. M. Zahedi (2021). The Phishing Funnel
Model: A Design Artifact to Predict User
Susceptibility to Phishing Websites.
Information Systems Research, 32(2),
410–436.
https://doi.org/10.1287/isre.2020.0973
IJMSRT24MAR044 www.ijmsrt.com
DOI: https://doi.org/10.5281/zenodo.15113088
ISSN NO-2584-2706
[3]A. Aljofey, Q. Jiang, Q. Qu, M. Huang,
and J.P. Niyigena (2020). An Effective
Phishing Detection Model Based on
Character Level Convolutional Neural
Network from URL. Electronics (Basel),
9(9), 1514.
https://doi.org/10.3390/electronics9091514
[4]C. Jones (2022, January 18). 50
phishing stats you should know in 2022.
50 Phishing Stats You Should Know In
2022. Retrieved January 27, 2022, from
https://expertinsights.com/insights/50-
phishing-stats-you-should-know/
[5] A. Hannousse and S. Yahiouche
(2021), “Web page phishing detection”,
Mendeley Data, V3, doi:
10.17632/c2gw7fy2j4.3
[6] G. K. Soon, C. O. Kim, N. M. Rusli, T.
S. Fun, R. Alfred, and T. T. Guan, T.
(2020). Comparison of simple feedforward
neural network, recurrent neural network,
and ensemble neural networks in phishing
detection. Journal of Physics. Conference
Series, 1502(1), 12033.
https://doi.org/10.1088/1742-
6596/1502/1/012033
[7] Anti-Phishing Working Group (APWG)
(2014). Phishing Activity Trends Report,
3rd Quarter 2021 [Online] Retrieved Feb
9, 2022, from
https://docs.apwg.org/reports/apwg_trends
_report_q3_2021.pdf
[8]M. Kearns, and A. Roth (2022, March
9). Ethical Algorithm Design Should
Guide Technology Regulation. Brookings.
Retrieved June 9, 2022, from
https://www.brookings.edu/research/ethica
l-algorithm-design-should-
guidetechnology-regulation/#footnote-3
340