A real-time email phishing detection system that monitors your inbox for suspicious emails and automatically moves potential phishing attempts to the spam folder. Built with machine learning, this system analyzes both email content and embedded URLs to identify threats.
- Real-time Email Monitoring: Continuously checks your inbox for new messages
- Machine Learning Classification: Uses a trained TensorFlow model to analyze email content
- URL Threat Detection: Verifies links against Google Safe Browsing API
- Automatic Spam Management: Moves detected phishing emails to spam folder
- Parallel Processing: Efficiently processes multiple emails simultaneously
- Python 3.7+
- Raspberry Pi (for deployment)
- Gmail account
- Google API key (for Safe Browsing API)
- Internet connection
-
Clone the repository:
git clone https://github.com/AkshayRane05/email-phishing-detection.git cd email-phishing-detection -
Install required dependencies:
pip install -r requirements.txt
-
Download NLTK data:
python -c "import nltk; nltk.download('stopwords')" -
Configure your Gmail account:
- Enable IMAP in your Gmail settings
- Generate an App Password if you have 2FA enabled
-
Update the credentials in the code:
EMAIL_ACCOUNT = "your-email@gmail.com" EMAIL_PASSWORD = "your-app-password"
-
Get a Google Safe Browsing API key:
- Visit the Google Cloud Console
- Create a new project and enable the Safe Browsing API
- Generate an API key and update it in the code:
API_KEY = "your-google-api-key"
-
Ensure you have the trained model files:
phishing_email_detection_model.h5tokenizer.pkl
(If you don't have these files, check the Model Training section below)
-
Run the email listener:
python email_phishing_detector.py
-
The system will:
- Connect to your Gmail inbox
- Continuously check for new emails
- Analyze each new email for phishing attempts
- Move suspected phishing emails to the spam folder
- Print detailed analysis in the console
-
To stop the program, press
Ctrl+C
Example of the system detecting a phishing email with confidence score and analysis results.
Architecture diagram showing the email processing pipeline.
Model evaluation metrics showing accuracy, precision, and recall on test data.
This repository includes a pre-trained model, but if you want to train your own:
- Collect a dataset of phishing and legitimate emails
- Preprocess the data using the
clean_text()function - Train a model using TensorFlow (sample script provided in
train_model.py) - Save the model as
phishing_email_detection_model.h5 - Save the tokenizer as
tokenizer.pkl
- Email Fetching: Connects to Gmail via IMAP and retrieves new emails
- Content Analysis:
- Cleans and preprocesses email text
- Passes the text through a trained neural network
- Determines phishing probability score
- URL Checking:
- Extracts URLs from email content
- Verifies each URL against Google Safe Browsing API
- Action Taking:
- Moves emails identified as phishing to spam folder
- Marks processed emails as read
- Store your email password and API keys securely
- Consider using environment variables instead of hardcoding credentials
- Regularly update the model to adapt to new phishing techniques
- This tool is meant for personal use - respect privacy laws when deploying in multi-user environments
Contributions are welcome! Please feel free to submit a Pull Request.
- Fork the repository
- Create your feature branch (
git checkout -b feature/amazing-feature) - Commit your changes (
git commit -m 'Add some amazing feature') - Push to the branch (
git push origin feature/amazing-feature) - Open a Pull Request
This project is licensed under the MIT License - see the LICENSE file for details.
- NLTK for natural language processing
- TensorFlow for machine learning capabilities
- Google Safe Browsing API for URL verification