Abstract
• Detecting spear-phishing email attacks based on sender domains.
• Determining whether the sender's domain is genuine or a forgery.
• Providing a balanced trade-off between detecting targeted attacks and letting genuine emails through.
The latest report by Kaspersky on email spam and targeted phishing attacks, by percentage, highlights the urgent need for a solution. Attachment-driven spear-phishing struggles to succeed against many email providers' malware-filtration systems, which proactively check emails for malicious software. In this paper, we provide a solution that detects targeted spear-phishing attacks based on similarities to the specific domain that has been targeted. The strategy is to determine whether the domain is genuine or a forgery, which is evaluated by multiple novel grading algorithms. This research therefore addresses targeted attacks on specific organisations by presenting a new enterprise solution. The detection system focuses on domain names, which tend to be registered domain names trusted by the victims. The results of this investigation show that the detection system is able to reduce email phishing attacks significantly.