In a phishing attack, a perpetrator attempts to obtain the online credentials of a user by impersonating a trusted entity such as a bank or email service provider. Sophisticated phishers attempt to deceive spam filters by structuring the visual look-and-feel of their fake emails to be nearly, but not precisely, identical to emails sent by a trusted entity, so that the spam filter allows the fake email to reach a user’s inbox.
This disclosure applies machine-learning-based techniques to assess the visual similarity of genuine and phished emails (or landing pages) for a given brand. The techniques detect visual near-duplicates of a trusted entity’s email and thereby achieve resilience against adversarial attacks. They eliminate the need for hand-crafted features to achieve a visual-similarity match, enabling accurate detection of new genres of phishing email as they surface.
This work is licensed under a Creative Commons Attribution 4.0 License.
Sengupta, Kuntal and Eranti, Vijay, "Visual match of emails or landing pages to detect phishing", Technical Disclosure Commons, (January 02, 2019)