{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,7]],"date-time":"2026-05-07T15:51:34Z","timestamp":1778169094746,"version":"3.51.4"},"reference-count":50,"publisher":"MDPI AG","issue":"11","license":[{"start":{"date-parts":[[2024,11,8]],"date-time":"2024-11-08T00:00:00Z","timestamp":1731024000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Future Internet"],"abstract":"<jats:p>Phishing email assaults have been a prevalent cybercriminal tactic for many decades. Various detectors have been suggested over time that rely on textual information. However, to address the growing prevalence of phishing emails, more sophisticated techniques are required to use all aspects of emails to improve the detection capabilities of machine learning classifiers. This paper presents a novel approach to detecting phishing emails. The proposed methodology combines ensemble learning techniques with various variables, such as word frequency, the presence of specific keywords or phrases, and email length, to improve detection accuracy. We provide two approaches for the planned task; The first technique employs ensemble learning soft voting, while the second employs weighted ensemble learning. Both strategies use distinct machine learning algorithms to concurrently process the characteristics, reducing their complexity and enhancing the model\u2019s performance. An extensive assessment and analysis are conducted, considering unique criteria designed to minimize biased and inaccurate findings. Our empirical experiments demonstrates that using ensemble learning to merge attributes in the evolution of phishing emails showcases the competitive performance of ensemble learning over other machine learning algorithms. This superiority is underscored by achieving an F1-score of 0.90 in the weighted ensemble method and 0.85 in the soft voting method, showcasing the effectiveness of this approach.<\/jats:p>","DOI":"10.3390\/fi16110414","type":"journal-article","created":{"date-parts":[[2024,11,12]],"date-time":"2024-11-12T03:53:14Z","timestamp":1731383594000},"page":"414","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":33,"title":["An Effective Ensemble Approach for Preventing and Detecting Phishing Attacks in Textual Form"],"prefix":"10.3390","volume":"16","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-6860-6768","authenticated-orcid":false,"given":"Zaher","family":"Salah","sequence":"first","affiliation":[{"name":"Department of Information Technology, Faculty of Prince Al-Hussein Bin Abdullah II for Information Technology, The Hashemite University, Zarqa 13133, Jordan"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6943-6134","authenticated-orcid":false,"given":"Hamza","family":"Abu Owida","sequence":"additional","affiliation":[{"name":"Department of Medical Engineering, Faculty of Engineering, Al-Ahliyya Amman University, Ammman 19328, Jordan"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0000-0796-8522","authenticated-orcid":false,"given":"Esraa","family":"Abu Elsoud","sequence":"additional","affiliation":[{"name":"Department of Computer Science, Faculty of Information Technology, Zarqa University, Zarqa 13100, Jordan"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0002-9747-4642","authenticated-orcid":false,"given":"Esraa","family":"Alhenawi","sequence":"additional","affiliation":[{"name":"Department of Computer Science, Faculty of Information Technology, Zarqa University, Zarqa 13100, Jordan"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-2030-4250","authenticated-orcid":false,"given":"Suhaila","family":"Abuowaida","sequence":"additional","affiliation":[{"name":"Department of Computer Science, Faculty of Information Technology, Al Al-Bayt University, Mafraq 25113, Jordan"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-0542-1539","authenticated-orcid":false,"given":"Nawaf","family":"Alshdaifat","sequence":"additional","affiliation":[{"name":"Faculty of Information Technology, Applied Science Private University, Amman 11937, Jordan"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"1968","published-online":{"date-parts":[[2024,11,8]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","unstructured":"Kalderemidis, I., Farao, A., Bountakas, P., Panda, S., and Xenakis, C. (2022, January 23\u201326). GTM: Game Theoretic Methodology for optimal cybersecurity defending strategies and investments. Proceedings of the 17th International Conference on Availability, Reliability and Security, Vienna, Austria.","DOI":"10.1145\/3538969.3544431"},{"key":"ref_2","unstructured":"Anon (2023, November 19). Enisa Threat Landscape 2020\u2014Phishing. Available online: https:\/\/www.enisa.europa.eu\/publications\/phishing."},{"key":"ref_3","doi-asserted-by":"crossref","unstructured":"Dietterich, T.G. (2000). Ensemble methods in machine learning. International Workshop on Multiple Classifier Systems, Springer.","DOI":"10.1007\/3-540-45014-9_1"},{"key":"ref_4","doi-asserted-by":"crossref","first-page":"671","DOI":"10.1109\/COMST.2019.2957750","article-title":"SoK: A comprehensive reexamination of phishing research from the security perspective","volume":"22","author":"Das","year":"2019","journal-title":"IEEE Commun. Surv. Tutor."},{"key":"ref_5","doi-asserted-by":"crossref","first-page":"103545","DOI":"10.1016\/j.jnca.2022.103545","article-title":"HELPHED: Hybrid Ensemble Learning PHishing Email Detection","volume":"210","author":"Bountakas","year":"2023","journal-title":"J. Netw. Comput. Appl."},{"key":"ref_6","doi-asserted-by":"crossref","first-page":"121183","DOI":"10.1016\/j.eswa.2023.121183","article-title":"Look before You leap: Detecting phishing web pages by exploiting raw URL And HTML characteristics","volume":"236","author":"Opara","year":"2024","journal-title":"Expert Syst. Appl."},{"key":"ref_7","doi-asserted-by":"crossref","first-page":"e165","DOI":"10.1002\/spy2.165","article-title":"Phishing email strategies: Understanding cybercriminals\u2019 strategies of crafting phishing emails","volume":"4","author":"Stojnic","year":"2021","journal-title":"Secur. Priv."},{"key":"ref_8","doi-asserted-by":"crossref","first-page":"101343","DOI":"10.1016\/j.tele.2020.101343","article-title":"Why do users not report spear phishing emails?","volume":"48","author":"Kwak","year":"2020","journal-title":"Telemat. Inform."},{"key":"ref_9","doi-asserted-by":"crossref","first-page":"391","DOI":"10.1016\/j.procs.2022.11.083","article-title":"Domestic private banking solutions can be quite successful as an effective protection against whaling-style cyber attacks which are used as a basis for more complex targeted phishing","volume":"213","author":"Gusev","year":"2022","journal-title":"Procedia Comput. Sci."},{"key":"ref_10","doi-asserted-by":"crossref","first-page":"610","DOI":"10.3390\/jcp3030029","article-title":"Business Email Compromise (BEC) Attacks: Threats, Vulnerabilities and Countermeasures\u2014A Perspective on the Greek Landscape","volume":"3","author":"Papathanasiou","year":"2023","journal-title":"J. Cybersecur. Priv."},{"key":"ref_11","doi-asserted-by":"crossref","unstructured":"Chinnasamy, P., Krishnamoorthy, P., Alankruthi, K., Mohanraj, T., Kumar, B.S., and Chandran, L. (2024, January 14\u201316). AI Enhanced Phishing Detection System. Proceedings of the 2024 Third International Conference on Intelligent Techniques in Control, Optimization and Signal Processing (INCOS), Krishnankoil, Virudhunagar District, Tamil Nadu, India.","DOI":"10.1109\/INCOS59338.2024.10527485"},{"key":"ref_12","doi-asserted-by":"crossref","first-page":"102414","DOI":"10.1016\/j.cose.2021.102414","article-title":"Applying machine learning and natural language processing to detect phishing email","volume":"110","author":"Alhogail","year":"2021","journal-title":"Comput. Secur."},{"key":"ref_13","unstructured":"Radev, D. (2023, November 19). CLAIR Collection of Fraud Email, ACL Data and Code Repository. Available online: http:\/\/aclweb.org\/aclwiki."},{"key":"ref_14","doi-asserted-by":"crossref","first-page":"76368","DOI":"10.1109\/ACCESS.2020.2989126","article-title":"From feature engineering and topics models to enhanced prediction rates in phishing detection","volume":"8","author":"Gualberto","year":"2020","journal-title":"IEEE Access"},{"key":"ref_15","doi-asserted-by":"crossref","first-page":"56329","DOI":"10.1109\/ACCESS.2019.2913705","article-title":"Phishing email detection using improved RCNN model with multilevel vectors and attention mechanism","volume":"7","author":"Fang","year":"2019","journal-title":"IEEE Access"},{"key":"ref_16","first-page":"1","article-title":"Word embeddings and semantic spaces in natural language processing","volume":"13","author":"Worth","year":"2023","journal-title":"Int. J. Intell. Sci."},{"key":"ref_17","unstructured":"Hiransha, M., Unnithan, N.A., Vinayakumar, R., Soman, K., and Verma, A. (2018, January 19\u201321). Deep learning based phishing e-mail detection. Proceedings of the 1st AntiPhishing Shared Pilot 4th ACM International Workshop Security Privacy Analytics (IWSPA), Tempe, AZ, USA."},{"key":"ref_18","doi-asserted-by":"crossref","unstructured":"Egozi, G., and Verma, R. (2018, January 17\u201320). Phishing email detection using robust nlp techniques. Proceedings of the 2018 IEEE International Conference on Data Mining Workshops (ICDMW), Singapore.","DOI":"10.1109\/ICDMW.2018.00009"},{"key":"ref_19","doi-asserted-by":"crossref","unstructured":"Halga\u0161, L., Agrafiotis, I., and Nurse, J.R. (2020). Catching the phish: Detecting phishing attacks using recurrent neural networks (rnns). Proceedings of the Information Security Applications: 20th International Conference, WISA 2019, Jeju Island, South Korea, 21\u201324 August 2019, Springer. Revised Selected Papers 20.","DOI":"10.1007\/978-3-030-39303-8_17"},{"key":"ref_20","unstructured":"Unnithan, N.A., Harikrishnan, N., Vinayakumar, R., Soman, K., and Sundarakrishna, S. (2018, January 19\u201321). Detecting phishing E-mail using machine learning techniques. Proceedings of the 1st Anti-Phishing Shared Task Pilot 4th ACM Iwspa Co-Located 8th ACM Conference Data Application Security Privacy (Codaspy)."},{"key":"ref_21","unstructured":"Unnithan, N.A., Harikrishnan, N., Akarsh, S., Vinayakumar, R., and Soman, K. (2018). Machine Learning Based Phishing E-Mail Detection, Security-CEN@ Amrita. Available online: https:\/\/ceur-ws.org\/Vol-2124\/paper_12.pdf."},{"key":"ref_22","unstructured":"Meena, K., and Upadhyaya, S.R. (2023, January 3\u20135). A Privacy-Preserving Machine Learning Ensemble for Spam Detection. Proceedings of the 2023 5th International Conference on Inventive Research in Computing Applications (ICIRCA), Coimbatore, India."},{"key":"ref_23","first-page":"229","article-title":"Email spam detection using bagging and boosting of machine learning classifiers","volume":"24","author":"Bhardwaj","year":"2023","journal-title":"Int. J. Adv. Intell. Paradig."},{"key":"ref_24","doi-asserted-by":"crossref","unstructured":"Pathak, P., and Shrivas, A.K. (2023, January 8\u201310). Classification of Phishing Website Using Machine Learning Based Proposed Ensemble Model. Proceedings of the 2022 OPJU International Technology Conference on Emerging Technologies for Sustainable Development (OTCON), Chhattisgarh, India.","DOI":"10.1109\/OTCON56053.2023.10113909"},{"key":"ref_25","unstructured":"Zheng, C., Wu, G., and Li, C. (2023). Toward Understanding Generative Data Augmentation. arXiv."},{"key":"ref_26","unstructured":"Ozler, H. (2024, October 20). Spam or Not Spam Dataset. Available online: https:\/\/www.kaggle.com\/datasets\/ozlerhakan\/spam-or-not-spam-dataset."},{"key":"ref_27","first-page":"486","article-title":"A novel hybrid approach of SVM combined with NLP and probabilistic neural network for email phishing","volume":"10","author":"Kumar","year":"2020","journal-title":"Int. J. Electr. Comput. Eng."},{"key":"ref_28","doi-asserted-by":"crossref","unstructured":"Cho, E., Chang, T.W., and Hwang, G. (2022). Data preprocessing combination to improve the performance of quality classification in the manufacturing process. Electronics, 11.","DOI":"10.3390\/electronics11030477"},{"key":"ref_29","doi-asserted-by":"crossref","first-page":"91","DOI":"10.1016\/j.gltp.2022.04.020","article-title":"A review: Data pre-processing and data augmentation techniques","volume":"3","author":"Maharana","year":"2022","journal-title":"Glob. Transitions Proc."},{"key":"ref_30","first-page":"23799","article-title":"Design of inception with deep convolutional neural network based fall detection and classification model","volume":"83","year":"2024","journal-title":"Multimed. Tools Appl."},{"key":"ref_31","doi-asserted-by":"crossref","unstructured":"Chou, C.Y., Hsu, D.Y., and Chou, C.H. (2023). Predicting the onset of diabetes with machine learning methods. J. Pers. Med., 13.","DOI":"10.3390\/jpm13030406"},{"key":"ref_32","doi-asserted-by":"crossref","first-page":"109126","DOI":"10.1016\/j.ress.2023.109126","article-title":"Support vector machine in structural reliability analysis: A review","volume":"233","author":"Roy","year":"2023","journal-title":"Reliab. Eng. Syst. Saf."},{"key":"ref_33","doi-asserted-by":"crossref","first-page":"623","DOI":"10.1080\/21681163.2022.2099299","article-title":"A deep learning approach with Bayesian optimized Kernel support vector machine for COVID-19 diagnosis","volume":"11","author":"Kesav","year":"2023","journal-title":"Comput. Methods Biomech. Biomed. Eng. Imaging Vis."},{"key":"ref_34","doi-asserted-by":"crossref","first-page":"238","DOI":"10.1080\/0960085X.2021.1931494","article-title":"Learning not to take the bait: A longitudinal examination of digital training methods and overlearning on phishing susceptibility","volume":"32","author":"Nguyen","year":"2023","journal-title":"Eur. J. Inf. Syst."},{"key":"ref_35","doi-asserted-by":"crossref","first-page":"717","DOI":"10.1007\/s12652-020-02054-3","article-title":"Consensus and majority vote feature selection methods and a detection technique for web phishing","volume":"12","author":"Alotaibi","year":"2021","journal-title":"J. Ambient. Intell. Humaniz. Comput."},{"key":"ref_36","doi-asserted-by":"crossref","first-page":"106131","DOI":"10.1016\/j.cor.2022.106131","article-title":"Comparing two SVM models through different metrics based on the confusion matrix","volume":"152","author":"Alcaraz","year":"2023","journal-title":"Comput. Oper. Res."},{"key":"ref_37","doi-asserted-by":"crossref","unstructured":"Padilla, R., Netto, S.L., and Da Silva, E.A. (2020, January 1\u20133). A survey on performance metrics for object-detection algorithms. Proceedings of the 2020 International Conference on Systems, Signals and Image Processing (IWSSIP), Niteroi, Brazil.","DOI":"10.1109\/IWSSIP48289.2020.9145130"},{"key":"ref_38","first-page":"1401","article-title":"Improved Phishing Detection using Ensemble Models in Machine Learning","volume":"11","author":"Dasari","year":"2023","journal-title":"Int. J. Res. Appl. Sci. Eng. Technol. (IJRASET)"},{"key":"ref_39","doi-asserted-by":"crossref","unstructured":"Subba, B. (2023, January 23\u201326). A heterogeneous stacking ensemble-based security framework for detecting phishing attacks. Proceedings of the 2023 National Conference on Communications (NCC), Guwahati, India.","DOI":"10.1109\/NCC56989.2023.10068026"},{"key":"ref_40","doi-asserted-by":"crossref","first-page":"120253","DOI":"10.1016\/j.neuroimage.2023.120253","article-title":"Class imbalance should not throw you off balance: Choosing the right classifiers and performance metrics for brain decoding with imbalanced data","volume":"277","author":"Abdelhedi","year":"2023","journal-title":"NeuroImage"},{"key":"ref_41","doi-asserted-by":"crossref","unstructured":"Flach, P.A. (2016). ROC analysis. Encyclopedia of Machine Learning and Data Mining, Springer.","DOI":"10.1007\/978-1-4899-7502-7_739-1"},{"key":"ref_42","doi-asserted-by":"crossref","first-page":"1","DOI":"10.13164\/mendel.2023.1.001","article-title":"Offensive Language Detection Using Soft Voting Ensemble Model","volume":"29","author":"Fieri","year":"2023","journal-title":"MENDEL"},{"key":"ref_43","unstructured":"Nazri, R.A., Das, S., and Promi, R.T.H. (2021, January 8\u20139). Heart Disease Prediction using Synthetic Minority Oversampling Technique and Soft Voting. Proceedings of the 2021 International Conference on Automation, Control and Mechatronics for Industry 4.0 (ACMI), Rajshahi, Bangladesh."},{"key":"ref_44","doi-asserted-by":"crossref","first-page":"103560","DOI":"10.1016\/j.jnca.2022.103560","article-title":"An optimized ensemble prediction model using AutoML based on soft voting classifier for network intrusion detection","volume":"212","author":"Khan","year":"2023","journal-title":"J. Netw. Comput. Appl."},{"key":"ref_45","doi-asserted-by":"crossref","first-page":"98","DOI":"10.31963\/intek.v9i2.3550","article-title":"Brute-force Detection Using Ensemble Classification","volume":"9","author":"Kharismadhany","year":"2023","journal-title":"INTEK J. Penelit."},{"key":"ref_46","doi-asserted-by":"crossref","first-page":"3387","DOI":"10.24996\/ijs.2020.61.12.27","article-title":"Hybrid vs ensemble classification models for phishing websites","volume":"61","author":"Folorunso","year":"2020","journal-title":"Iraqi J. Sci."},{"key":"ref_47","first-page":"24","article-title":"SOLVING THE PROBLEM OF DETECTING PHISHING WEBSITES USING ENSEMBLE LEARNING MODELS","volume":"12","author":"Barabash","year":"2022","journal-title":"Sci. J. Astana IT Univ."},{"key":"ref_48","doi-asserted-by":"crossref","unstructured":"Puri, N., Saggar, P., Kaur, A., and Garg, P. (2022, January 8\u20139). Application of ensemble Machine Learning models for phishing detection on web networks. Proceedings of the 2022 Fifth International Conference on Computational Intelligence and Communication Technologies (CCICT), Sonepat, India.","DOI":"10.1109\/CCiCT56684.2022.00062"},{"key":"ref_49","doi-asserted-by":"crossref","first-page":"857","DOI":"10.5267\/j.ijdns.2023.1.003","article-title":"A new phishing-website detection framework using ensemble classification and clustering","volume":"7","author":"Alsharaiah","year":"2023","journal-title":"Int. J. Data Netw. Sci."},{"key":"ref_50","doi-asserted-by":"crossref","first-page":"223529","DOI":"10.1109\/ACCESS.2020.3043396","article-title":"The answer is in the text: Multi-stage methods for phishing detection based on feature engineering","volume":"8","author":"Gualberto","year":"2020","journal-title":"IEEE Access"}],"container-title":["Future Internet"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/1999-5903\/16\/11\/414\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,10]],"date-time":"2025-10-10T16:28:54Z","timestamp":1760113734000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/1999-5903\/16\/11\/414"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,11,8]]},"references-count":50,"journal-issue":{"issue":"11","published-online":{"date-parts":[[2024,11]]}},"alternative-id":["fi16110414"],"URL":"https:\/\/doi.org\/10.3390\/fi16110414","relation":{},"ISSN":["1999-5903"],"issn-type":[{"value":"1999-5903","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024,11,8]]}}}