© 2025 JETIR April 2025, Volume 12, Issue 4 www.jetir.

org (ISSN-2349-5162)

PHISHNET: Online Spam and Phishing Detection

Using Machine Learning
Vankudothu Jeevan Bushaboina Uday Kumar
Dept. of Electronics and Computer EngineeringDept. of Electronics and Computer Engineering
Sreenidhi Institute of Science and TechnologySreenidhi Institute of Science and Technology
Yamnampet, Ghatkesar,Hyderabad Telangana 501301 Yamnampet, Ghatkesar,Hyderabad Telangana 501301
[email protected] [email protected]

Nangunuri Sai Teja K Sreelatha

Dept. of Electronics and Computer EngineeringAssistant professor
Sreenidhi Institute of Science and Technology Dept. of Electronics and Computer Engineering
Yamnampet, Ghatkesar,Hyderabad Telangana 501301 Sreenidhi institute of science and technology
[email protected] Yamnampet, Ghatkesar,Hyderabad
Telangana 501301
Mohan Dholvan Professor [email protected]
Dept. of Electronics and Computer Engineering
Sreenidhi institute of science and technology
Yamnampet, Ghatkesar,Hyderabad
Telangana 501301
[email protected]

Abstract: Phishing attacks, which use phony

websites, emails, and SMS messages to target
people and organizations, are a serious threat in the
digital age. The goal of this project, "PHISHNET,"
is to use cutting-edge machine learning techniques
to create a reliable and scalable defense against
phishing threats. Utilizing algorithms like Random
Forest, Gradient Boost, and Naïve Bayes, the
system is built to identify and stop phishing
attempts instantly, offering complete defense
against constantly changing online threats. Website,
email, and SMS phishing detection are the three
main areas covered by this project's scope. It
incorporates proactive prevention measures, such as
a blocking mechanism for phishing websites that
have been identified, and real-time classification
mechanisms to identify malicious activities. Easy
interaction is ensured by a user-friendly interface,
which also allows for informed decision-making by
displaying phishing risk levels via safety
percentages. The literature review stresses the need
for updated techniques to handle small datasets and
computational limitations, as well as issues with
current systems, such as false positives and negatives.
Keywords: Phishing, Machine learning, XG Boost,
Random Forest, Naïve Bayes.
I. INTRODUCTION
PHISHNET: Phishing Attack Threat Intelligence
System One cybersecurity initiative aims to identify
and evaluate possible phishing threats by utilizing
machine learning. Phishing, which involves using
phony websites, emails, and messages to trick users, is
still a major attack technique in light of the increase in
cybercrimes. In order to determine whether URLs,
emails, and messages are authentic or fraudulent, this
project uses machine learning algorithms. PHISHNET
improves detection capabilities and aids in the
prevention of phishing attacks by incorporating threat
intelligence techniques.
Based on a number of characteristics, the system
analyzes user-inputted URLs, emails, and messages to
determine whether they are malicious or safe. It uses
sophisticated feature extraction techniques to reduce
false positives and increase accuracy. Because of its
scalable architecture, PHISHNET can continuously
learn and adjust to new phishing tactics.The project
aims to provide an effective and reliable solution for
users, businesses, and cybersecurity professionals to
combat phishing threats efficiently. The system

JETIR2504A40 Journal of Emerging Technologies and Innovative Research (JETIR) www.jetir.org k1

© 2025 JETIR April 2025, Volume 12, Issue 4
processes user-inputted URLs, emails, and
messages to classify them as either safe or
malicious based on various features. It employs
advanced feature extraction methods to improve
accuracy and minimize false positives. PHISHNET
is designed to be scalable, allowing continuous
learning and adaptation to new phishing
techniquesThe project's goal is to give users,
companies, and cybersecurity experts a dependable
and efficient way to counteract phishing threats.
Because of its intuitive interface, PHISHNET
makes it simple to detect phishing attempts without
the need for technical knowledge. To keep ahead of
new phishing techniques, it makes use of real-time
data analysis and regularly updates its detection
models. The system is a flexible tool for people and
organizations looking for improved cybersecurity
because it can be integrated into a variety of
platforms. PHISHNET offers a proactive method of
detecting and reducing phishing threats by
employing machine learning-driven threat
intelligence, guaranteeing a safer online experience
for users.
Any users who unintentionally respond to
misleading messages, open malicious emails, or
click on fraudulent links risk financial losses and
security breaches. Attackers employ advanced
techniques to produce phony emails and websites
that closely mimic authentic sources, making it
challenging for users to discern between authentic
and fraudulent content. The necessity for an
intelligent system that can successfully identify and
stop phishing attempts before they cause harm is
highlighted by this growing threat.
II. LITERATURE SURVEY
Manuel Sánchez-Paniagua and associates (2022)
[1] A Logistic Regression model with TF-IDF
feature extraction is presented in the paper by
Manuel Sánchez-Paniagua et al. (2022), and it
achieves 96.50% accuracy on a dataset of login
URLs for phishing detection. Although useful, the
study emphasizes that TF-IDF and Logistic
Regression alone are not enough to identify
changing phishing tactics. To increase accuracy and
lower false positives, the authors advise combining
several machine learning algorithms. In order to
improve phishing detection, they also stress the
significance of feature engineering and dataset
JETIR2504A40 Journal of Emerging Technologies and Innovative Research (JETIR) www.jetir.org
www.jetir.org (ISSN-2349-5162)
diversity. The study lays the groundwork for creating
stronger models with cutting-edge machine learning
methods like XGBoost, SVM, and decision trees.
Arathi Krishna V et al. (2021) [2] Using neural
networks, random forest, and SVM classifiers, Arathi
Krishna's paper investigates phishing detection and
achieves 90.70% accuracy in URL analysis. The study
highlights the necessity of using a variety of machine
learning algorithms in order to detect different types of
phishing attacks. It draws attention to the ways in which
various classifiers enhance detection precision and
lower false positives. According to the research,
integrating different models improves the capacity to
assess and counteract various phishing threat types.
Taun Dung Pham and associates (2021) [3] They
perform two URL classifiers, LSTM and GRU, to
provide comparative results after integrating the
generated phishing URL data into the current URL
database. They suggest using the available phishing
URL data to train WGAN-GP, a GA network, to
generate malicious URLs. Using a machine learning
approach, it is necessary to identify the state-of-the-art
and choose the best machine learning algorithm.
Chapla et al., Happy (2019) [4] This model
incorporates the features that have been extracted from
both phishing and legitimate URLs. It is necessary to
identify useful lexical features. Our system receives
real, accurate results.
III. SYSTEM ARCHITECTURE
1. User Interface (UI)
Description: The front-end where users interact with
PHISHNET to input data and view results.
Components:
 Web portal (main interface for interaction)
 Real-time phishing detection results
 Risk level visualization (e.g., safe, suspicious,
dangerous)
 Upload/input options for URL, email content, or
SMS text
k2
© 2025 JETIR April 2025, Volume 12, Issue 4 www.jetir.org (ISSN-2349-5162)

2. Backend (Machine Learning Layer) Components:

Description: The core of phishing detection using  Website Blocking: Displays strong warnings when
machine learning algorithms. a URL is flagged
 Email/SMS Alerts: Textual warning messages
Components: indicating the threat level

ML Model Deployment:

 Models like XG Boost, Random Forest, Naïve 5. Real-Time Threat Monitoring

Bayes
 Integrated directly into the backend logic (no Description: Monitors phishing trends and updates
API call needed) detection logic periodically.

Model Prediction Logic: Components:

 Direct method calls to prediction functions  Threat feed integration (via direct scripts or file
ingestion)
Detection Modules:  Scheduled retraining/updating of models

 Website Detection: Uses URL analysis and

webpage features
 Email Detection: Analyzes headers, content,
and links
 SMS Detection: Scans text for suspicious links
or phrases

3. Data Layer (Phishing Datasets)

Description: Source of truth for training and

evaluating models.

Components:

 Preloaded datasets for different attack vectors

(web, email, SMS)
 Local or cloud-based storage for:
 Model training
 Testing/evaluation

Dataset versioning
Fig.1. Project Architecture
4. Blocking & Alerting Mechanism
IV. System Flow
Description: Prevents or warns users about
malicious content.
Workflow and Data Flow
The system workflow follows a structured approach to
travel planning:

JETIR2504A40 Journal of Emerging Technologies and Innovative Research (JETIR) www.jetir.org k3

© 2025 JETIR April 2025, Volume 12, Issue 4 www.jetir.org (ISSN-2349-5162)

1. User Input Stage  May include suggestions (e.g., "Do not click",
"Report this message").
 User provides:

 A URL (to check for phishing website)

 An Email text (to analyze for phishing signs)
 An SMS message (to scan for suspicious
content)

 Inputs are sent directly to the backend via form

submission or HTTP request.

2. Preprocessing Stage

 Input data is cleaned and converted into

features for the model:
 For URLs: Domain name, presence of "https",
length, special characters, etc.
 For Emails: Analyzes structure, content,
phishing keywords, presence of links.
 For SMS: Looks for common phishing patterns
and malicious links.

3. Feature Extraction & Transformation

 Preprocessed data is transformed into the

format expected by the ML model.
 Example: Categorical encoding, vectorization,
etc.
 These features are passed to the corresponding
ML model (e.g., Random Forest, Gradient
Boosting).
4. ML Model Prediction
 The selected machine learning model evaluates
the input.
 It predicts the phishing probability or label:
 Phishing
 Safe
 Suspicious
5. Output Generation
 The system generates a clear output message
based on the model's prediction.
 Example: “⚠️ This URL is likely a phishing site
(95% confidence)”
 Risk level: Safe, Moderate Risk, High Risk
Fig.2. User-Interface Diagram
V. IMPLEMENTATION
Several technologies must be integrated in order to
implement TripTrail, guaranteeing accuracy, efficiency,
and a flawless user experience. The implementation
process is thoroughly covered in this section, which
also covers database administration, chatbot
functionality, AI and ML integration, front-end and
back-end development, and system security.
The user-friendly, responsive web interface of
PHISHNET makes it simple for users to enter dubious
URLs, emails, or SMS messages for phishing detection.
The following are the main elements of the front-end:
Interface for Users (UI): The user interface, which is
made with HTML, CSS, and JavaScript, guarantees a
smooth and eye-catching experience. In addition to
displaying phishing risk levels and safety scores, it
offers simple navigation and fast access to phishing
detection features, including input forms for websites,
emails, and SMS.
Frameworks and Libraries: React.js is used by the

JETIR2504A40 Journal of Emerging Technologies and Innovative Research (JETIR) www.jetir.org k4

© 2025 JETIR April 2025, Volume 12, Issue 4 www.jetir.org (ISSN-2349-5162)

front-end to produce dynamic, interactive user

interface elements. By updating only the necessary
portions of the user interface, React's efficient
rendering guarantees a seamless user experience. It
also provides quick response times and real-time
updates on the results of phishing detection.
Back-End Implementation:
As the central processing unit, the back-end
manages data, performs AI calculations, and detects
phishing attempts. It is in charge of delivering
phishing risk assessments, processing user inputs,
and executing machine learning models. Important
elements consist of:
1. Web Framework: Python is used to build the
back-end, and frameworks like Flask ensure a
scalable and reliable architecture that can
effectively handle numerous phishing detection
requests.
2. Machine Learning Models: To perform real-
time phishing classification for websites, emails,
and SMS, the back-end incorporates pre-trained
machine learning models (XG Boost, Random
Forest, and Naïve Bayes). After processing
incoming data, these models categorize it as either
legitimate or phishing.
Historical Data Storage: Information about phishing
attempts, user interactions, and detection results is kept
in the database. By improving detection models and
increasing overall accuracy over time, this data aids in
system improvement.
Machine Learning Integration for PHISHNET
The machine learning elements are essential to
improving PHISHNET's capacity to identify and stop
phishing attempts.
Models for Phishing Detection: Websites, emails, and
SMS messages are categorized as either legitimate or
phishing using algorithms like Random Forest, XG
Boosting, and Naïve Bayes. Using freshly labeled
phishing data, these models continuously increase their
accuracy.
Training Models: In order to improve its capacity to
identify new phishing techniques and reduce false
positives or negatives, the system constantly updates
and retrains models using fresh data.
Real-Time Detection: The system incorporates real-
time information from user inquiries to guarantee
current Web, email, and SMS message detection while
adjusting to new phishing techniques as they appear.

Data Processing: Incoming user data (URLs,

emails, and SMS messages) is processed by the
back-end, which then classifies it using the relevant
machine learning model and sends the safety
percentages and phishing risk results to the front-
end for display.

PHISHNET stores and manages user queries,

system results, and phishing detection logs using a
structured database.

Database System: To guarantee effective and

dependable data storage and retrieval for phishing
detection results and system interactions, a SQL-
based relational database (like MySQL or
PostgreSQL) is utilized.

Data Optimization: To enhance performance and

guarantee prompt access to sizable datasets of
phishing URLs, emails, and SMS data for real-time
analysis, indexing and query optimization
techniques are used.
Fig.3.Sequence Diagram

JETIR2504A40 Journal of Emerging Technologies and Innovative Research (JETIR) www.jetir.org k5

© 2025 JETIR April 2025, Volume 12, Issue 4 www.jetir.org (ISSN-2349-5162)

VI.RESULTS

Fig.6. URL Detection

Fig.4. User Interface page

Fig.7. SMS Detection

VII. CONCLUSION
Fig.5. Email Detection
 By identifying and stopping phishing attempts on
websites, emails, and SMS messages, our project
seeks to improve internet security.

JETIR2504A40 Journal of Emerging Technologies and Innovative Research (JETIR) www.jetir.org k6

© 2025 JETIR April 2025, Volume 12, Issue 4 www.jetir.org (ISSN-2349-5162)

 We make it easier for users and enhance their
overall online safety by offering a single
platform for phishing detection and prevention.
 The system offers real-time phishing detection,
assisting users in making well-informed
security decisions.
 The incorporation of machine learning
techniques improves detection accuracy and
lowers false positives
 All things considered, by assisting users in
making wise decisions and avoiding phishing
scams, our project makes the internet a safer
place.
VIII. FUTURE ENHANCEMENTS
 Improved Machine Learning Models: By
combining more sophisticated deep learning
and natural language processing methods, the
detection accuracy is increased.
[2] Edward Wijaya, Gracella Noveliora, Kharisma Dwi
Utami , Rojali, Ghinaa Zain Nabiilah ,Spam Detection
in Short Message Service (SMS) Using Naïve Bayes,
SVM, LSTM, and CNN , 2023 10th International
Conference on Information Technology, Computer and
Electrical Engineering (ICITACEE) .
[3] Ammar Odeh , Ismail Keshta , Eman Abdelfattah,
Machine Learning Techniques for Detection of
Website Phishing: A Review for Promises and
Challenges , 2021 IEEE 11th Annual Computing and
Communication Workshop and Conference (CCWC).
[4] V Dharani, Divyashree Hegde, Mohana, Spam
SMS (or) Email Detection and Classification using
Machine Learning , 2023 5th International Conference
on Smart Systems and Inventive Technology (ICSSIT).
[5] Kerin Pithawala, Sakshi Jagtap and Preksha
Cholachgud , Detecting Phishing of Short Uniform
Resource Locators using classification techniques ,
2021 12th International Conference on Computing
Communication and Networking Technologies
(ICCCNT).

 Support for Mobile Applications:

PHISHNET will now be available as a mobile
app to examine phishing links and messages
sent through messaging apps and SMS.

 Multi-Language Support: To improve

accessibility worldwide, the system is being
improved to identify phishing attempts in
various languages.

 Cloud-Based Deployment: PHISHNET can be

hosted as a cloud-based service that offers real-
time phishing detection without the need for
local installations.

 Blockchain for Data Integrity: Investigating

the use of blockchain technology to safely store
phishing data and guard against manipulation.

IX. REFERENCES

[1] Adarsh Mandadi, Saikiran Bopanna, Vishnu

Ravella, Dr. R Kavitha, Phishing Website
Detection Using Machine Learning , 2022 IEEE
7th International conference for Convergence in
Technology (I2CT).

JETIR2504A40 Journal of Emerging Technologies and Innovative Research (JETIR) www.jetir.org k7