PhishPattern

This repository is dedicated to understanding the User Interactions required by Phishing Attacks via which they trick users into revealing critical information.

Overview

In this project, we develop a smart crawler that uses a combination of HTML static and Dynamic Analysis, OCR, Machine Learning and Object Detection methods to better understand the information requested by an encountered Phihsing page and interact with the page by submitting the phishing page after providing corresponding information. It should be noted that the information provided are fake that is dynamically generated by a third party library Faker. Further, the crawler also monitors the behavior of page with respect to different simulated user interaction and continues to interact with the phishing site if the successful interaction of a phishing page leads to more phishing pages requiring additional infomration.

The crawler is able to detect a number of information requested by the page such as

Login Related Information such as UserName, User ID, Email, Password

Personal Information such as Name, Address, Contact, Birth Date

Payment Infomration such as Card Number, Account Number, Expiry Date, CVV

Private Information such as License Number, SSN, Mother's Maiden Name