PhishSnap: Image-Based Phishing Detection Using Perceptual Hashing

Md Abdul Ahad Minhaz, Zannatul Zahan Meem, Md. Shohrab Hossain

TL;DR

PhishSnap tackles visually deceptive phishing by moving detection to the client with perceptual hashing, capturing page screenshots and comparing their visual fingerprints to a local bank of legitimate templates. Implemented as an on-device browser extension, it preserves privacy by keeping all processing local and achieves sub-second inference with 0.79 accuracy, 0.76 precision, and 0.78 recall on a 2024 dataset of 10,000 URLs. The work demonstrates the viability of visual similarity as a defense against phishing and outlines directions to enhance robustness with textual cues and mobile support. Overall, PhishSnap offers a practical, privacy-preserving alternative to server-based visual phishing detectors while highlighting the importance of dataset diversity for robust evaluation.

Abstract

Phishing remains one of the most prevalent online threats, exploiting human trust to harvest sensitive credentials. Existing URL- and HTML-based detection systems struggle against obfuscation and visual deception. This paper presents PhishSnap, a privacy-preserving, on-device phishing detection system leveraging perceptual hashing (pHash). Implemented as a browser extension, PhishSnap captures webpage screenshots, computes visual hashes, and compares them against legitimate templates to identify visually similar phishing attempts. A 2024 dataset of 10,000 URLs (70%/20%/10% train/validation/test) was collected from PhishTank and Netcraft. Due to security takedowns, a subset of phishing pages was unavailable, reducing dataset diversity. The system achieved 0.79 accuracy, 0.76 precision, and 0.78 recall, showing that visual similarity remains a viable anti-phishing measure. The entire inference process occurs locally, ensuring user privacy and minimal latency.

Paper Structure

This paper contains 17 sections, 2 equations, 3 figures, 1 table.

Figures (3)

  • Figure 1: Overview of the perceptual hashing pipeline: (a) normalized webpage capture; (b) grayscale conversion; (c) DCT and coefficient selection; (d) hash computation.
  • Figure 2: System architecture of PhishSnap with browser integration and on-device processing.
  • Figure 3: PhishSnap browser extension showing the user interface and detection verdict.
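
Steps (c) and (d) of Figure 1 and the template comparison described in the abstract, as an added example that is not code from the paper or the PhishSnap extension. It assumes the screenshot has already been normalised to a 32x32 grayscale matrix; the 8x8 coefficient block, the median rule, the 10-bit threshold, the function names and the sample pages are assumptions made for illustration, and how PhishSnap turns a match into a verdict is not described on this page.

```javascript
// Added example: DCT-based perceptual hash over a 32x32 grayscale matrix.
// N, K, THRESHOLD, the median rule and the sample pages are assumptions, not PhishSnap's values.
const N = 32, K = 8, THRESHOLD = 10;

// Unnormalised 1-D DCT-II; scale is irrelevant because bits come from a median test.
const dct1d = (v) => v.map((_, k) =>
  v.reduce((s, x, n) => s + x * Math.cos((Math.PI / v.length) * (n + 0.5) * k), 0));

// Separable 2-D DCT: rows first, then columns. result[u][v], u = vertical frequency.
function dct2d(m) {
  const rows = m.map((r) => dct1d(r));
  const cols = rows[0].map((_, c) => dct1d(rows.map((r) => r[c])));
  return rows.map((_, u) => cols.map((col) => col[u]));
}

// Keep the K x K low-frequency block; one bit per coefficient, set when the
// coefficient exceeds the median of the block's AC terms (DC left out of the median).
function pHash(gray) {
  const d = dct2d(gray), low = [];
  for (let u = 0; u < K; u++) for (let v = 0; v < K; v++) low.push(d[u][v]);
  const ac = low.slice(1).sort((a, b) => a - b);
  const median = ac[ac.length >> 1];
  return low.map((c) => (c > median ? 1 : 0));
}

const hamming = (a, b) => a.reduce((s, bit, i) => s + (bit ^ b[i]), 0);

// Closest legitimate template and whether it is within THRESHOLD bits.
function nearestTemplate(hash, bank) {
  const best = bank.map((t) => ({ name: t.name, distance: hamming(hash, t.hash) }))
    .sort((a, b) => a.distance - b.distance)[0];
  return { ...best, match: best.distance <= THRESHOLD };
}

// Constructed stand-ins for normalised screenshots: flat background plus one block.
const page = (bg, fg, r0, r1, c0, c1) => Array.from({ length: N }, (_, y) =>
  Array.from({ length: N }, (_, x) => (y >= r0 && y < r1 && x >= c0 && x < c1 ? fg : bg)));

const template = page(40, 220, 12, 26, 5, 20);  // layout stored in the template bank
const lookalike = template.map((row) => row.map((p) => 0.8 * p + 12)); // same layout, dimmer render
const unrelated = page(40, 220, 20, 29, 9, 28); // different layout
const bank = [{ name: "example-login", hash: pHash(template) }];

console.log(nearestTemplate(pHash(lookalike), bank));
console.log(nearestTemplate(pHash(unrelated), bank));
```

Because the bits depend only on how each low-frequency coefficient compares with the median, a uniform brightness or contrast change leaves the hash unchanged, while a different layout moves a large share of the 64 bits.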