Detects phishing attempts in SMS messages and emails using BERT AI, domain verification, and typosquat detection, all running locally with zero data sent online.
Live Demo · Built by Kalixte Petrof
Phishing scams cost Americans billions of dollars every year. Existing spam filters either send your private messages to company servers, or rely on simple word-matching that misses sophisticated attacks.
PhishGuard is a research project that solves both problems:
A fine-tuned BERT model reads the full message and understands the meaning behind it. Unlike basic spam filters that count suspicious words, BERT understands that "your account is suspended" from an unknown sender is very different from "hey are you coming to practice?"
Cross-references the sender's email domain against a verified list of 30+ major companies. Recognizes legitimate subdomains (like notify.wellsfargo.com) while flagging impersonation attempts.
Catches common phishing tricks like replacing letters with numbers (paypa1.com, micros0ft.com, wellsfarg0.com) that sometimes trick us.
| Model | Accuracy | Phishing Recall |
|---|---|---|
| Naive Bayes (baseline) | 97.85% | ~75% |
| Logistic Regression | 96.41% | 75% |
| BERT (fine-tuned) | 97.4%+ | ~95% |
Trained and tested on the UCI SMS Spam Collection Dataset (5,572 messages).
Key finding: BERT's context understanding significantly improves recall on sophisticated phishing messages that bypass keyword-based filters, particularly messages that use legitimate-sounding language with suspicious sender domains.
```
phishguard/
├── phishing_detector_site.html   # Live web demo (works offline)
├── phishing_detector.py          # Basic classifier (Naive Bayes + Logistic Regression)
├── phishing_detector_bert.py     # BERT fine-tuning script
├── save_model.py                 # Save trained model to disk
├── check_message.py              # Load saved model and check messages
└── enhanced_detector.py          # Full detector with domain verification
```
```bash
pip install pandas scikit-learn transformers torch

# Download spam.csv from Kaggle first
python phishing_detector.py

# Train and save (takes ~30-45 mins on CPU)
python save_model.py

# Check messages instantly after saving
python check_message.py
```
Just open phishing_detector_site.html in any browser. No server needed.
```
Message: "URGENT: Your bank account has been suspended. Verify: bit.ly/2xR9m"
Result: FAKE (99.1% chance of being fake)

Message: "Hey, are we still on for dinner tonight at 7?"
Result: REAL (0.0% chance of being fake)
```
Subdomain false positives: Early versions incorrectly flagged legitimate corporate emails from subdomains like alerts@notify.wellsfargo.com. Fixed by implementing subdomain-aware domain matching.
Contextual messages: Formal-sounding legitimate messages (appointment reminders, shipping confirmations) can score borderline false positives. BERT handles these significantly better than keyword classifiers.
The privacy gap: No major consumer phishing detector currently runs entirely on-device for SMS. This remains an unsolved problem in mobile security.
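The subdomain-aware matching and the digit-substitution typosquat check described above can be sketched as follows. This is an added example, not PhishGuard's own code: the function names, the three-entry domain list and the substitution table are assumptions made for illustration.

```python
from typing import Optional, Tuple

# Constructed sample subset; the project's verified list is not reproduced here.
VERIFIED_DOMAINS = {"wellsfargo.com", "paypal.com", "microsoft.com"}

# Assumed table of digit-for-letter swaps seen in look-alike domains.
LOOKALIKES = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s", "7": "t"})


def sender_domain(address: str) -> str:
    """Return the lower-cased domain part of an email address."""
    return address.rsplit("@", 1)[-1].strip().rstrip(".").lower()


def matches_verified(domain: str) -> Optional[str]:
    """Return the verified domain that `domain` equals or is a subdomain of."""
    for known in VERIFIED_DOMAINS:
        # Match only on a label boundary: "notify.wellsfargo.com" passes,
        # "evilwellsfargo.com" and "wellsfargo.com.example.net" do not.
        if domain == known or domain.endswith("." + known):
            return known
    return None


def classify_sender(address: str) -> Tuple[str, Optional[str]]:
    """Classify a sender as 'verified', 'typosquat' or 'unknown'."""
    domain = sender_domain(address)
    known = matches_verified(domain)
    if known:
        return "verified", known
    # Undo digit substitutions and re-check: a domain that only matches
    # after normalisation is impersonating the verified brand.
    known = matches_verified(domain.translate(LOOKALIKES))
    if known:
        return "typosquat", known
    return "unknown", None


if __name__ == "__main__":
    for sender in ("alerts@notify.wellsfargo.com", "service@paypa1.com",
                   "billing@wellsfargo.com.example.net"):
        print(sender, "->", classify_sender(sender))
```

Checking the exact match before normalising keeps a verified domain that legitimately contains digits from being flagged as its own typosquat.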
bert-base-uncased: Google's pre-trained language model via HuggingFace Transformers
Built as an independent research project exploring the application of transformer-based language models to real-world cybersecurity problems.
⚠️ PhishGuard is a research project. No detector is 100% accurate; always verify suspicious messages through official channels.