Abstract

URL phishing is a type of online scam where attackers create fake websites or emails that appear to be from legitimate sources, such as banks or social media platforms. The goal of URL phishing is to trick users into entering their personal information, such as login credentials or credit card details, on the fake website or in the email. The purpose of this research is to evaluate the effectiveness of utilizing machine learning to detect phishing domains by developing and comparing three models. Additionally, the three models' most accurate model is contrasted with previously proposed solutions in the literature. CatBoost, XGBoost (Extreme Gradient Boosting), and LightGBM (Light Gradient Boosting Machine) approaches were used to create these models. The UCI phishing domains dataset from the universal resource locator (URL) is also used as a benchmark to assess the models. Our results demonstrate that the CatBoost-based model beats previous solutions in the literature and is more accurate than the other three strategies