Lightweight Phishing Url Detection Using Rule-Based Feature Extraction in Python

Abstract

Phishing is one of the most common online threats where fake websites trick users into sharing sensitive information like passwords or bank details. In this paper, we introduce a simple yet effective method to detect phishing websites by analyzing the structure of their URLs. Instead of using complex or heavy machine learning models, we use Python to create a lightweight system that checks for specific patterns in the URL—like if it’s unusually long, contains suspicious words (such as "secure" or "login"), uses special characters like '@', or even tries to hide its identity using shortened links or IP addresses. We extract these features and use a basic classifier (like Naive Bayes or Decision Tree) to decide if the link is safe or a potential phishing^[1] attempt. Our technique performs well on publicly available datasets and requires very little system resources, making it suitable for small tools like browser extensions or email scanners. Overall, the goal of this project is to provide a fast, transparent, and easy-to-use solution that helps protect users online without needing advanced hardware or deep technical knowledge.