AN ANTI-PHISHING TOOL TO VERIFY URLS IN EMAIL'S CONTENT

Phishing is a threat that causes Internet users to lose the control over their accounts. A variety of anti-phishing approaches have been proposed, one of this variety is anti-phishing client-side tools. Most of these tools are rely on black/white list and heuristic methods. Most of these tools however, still unable to catch all phishing emails, especially zero-day attacks. To success, phishers usually take advantage of weaknesses in implemented anti-phishing methods and human vulnerabilities. Therefore, there is an urgent need for a solution that integrates anti-phishing technical and nontechnical (user awareness) approaches. The proposed system (tool) in this paper is an attempt to achieve that goal. The proposed tool is designed to work at user's email browser/platform, and provide the user with basic information about any URL in email's content before clicking it, and probably browse suspicious site. WHOIS query method is employed by the proposed system to obtain required information about URLs in email's content.