Email Phishing Protection
Email phishing protection using Machine Learning models and rule analysis. Includes SPF/DKIM/DMARC verification, URL analysis, and identity spoofing detection.
Features
ML Detection
PhishBERT with 95%+ accuracy
Authentication Analysis
SPF/DKIM/DMARC verification
URL Scanning
Embedded URL analysis
Brand Spoofing
Brand impersonation detection
Analyze Email
POST /email/analyzeRequest Example
{
"sender_email": "security@paypa1.com",
"sender_name": "PayPal Security",
"recipient_emails": ["cliente@banco.com"],
"subject": "URGENT: Verify your account immediately",
"text_content": "Your account has been suspended. Click here to verify...",
"authentication_results": {
"spf": "fail",
"dkim": "fail",
"dmarc": "fail"
},
"extracted_urls": ["https://paypa1-security.com/verify"]
}Response Example
{
"analysis_id": "email_xyz789",
"is_phishing": true,
"risk_level": "critical",
"risk_score": 0.92,
"confidence_score": 0.96,
"threat_indicators": [
{
"type": "sender_spoofing",
"severity": "critical",
"description": "Domain 'paypa1.com' mimics 'paypal.com'"
},
{
"type": "urgent_language",
"severity": "high",
"description": "Uses urgent language to pressure user"
},
{
"type": "authentication_failure",
"severity": "high",
"description": "Failed SPF, DKIM and DMARC authentication"
}
],
"content_analysis": {
"urgency_detected": true,
"requests_credentials": true,
"brand_impersonation": "PayPal"
}
}Risk Levels
safe0.0 - 0.2Authentication OK, known sender
low0.2 - 0.4Some minor anomalies
medium0.4 - 0.6Suspicious content, doubtful URLs
high0.6 - 0.8Multiple phishing indicators
critical0.8 - 1.0Confirmed phishing
Connect Gmail Account
Start OAuth2 flow to connect a Gmail account and enable automatic monitoring.
POST /email/connectRequest Example
{
"provider": "gmail",
"user_id": "usr_123456",
"email_address": "cliente@gmail.com",
"settings": {
"auto_scan_enabled": true,
"scan_frequency_minutes": 15,
"monitored_folders": ["INBOX"],
"scan_attachments": true
}
}