Smartphone’s popularity and their constant connectivity to the World Wide Web have made these devices vulnerable to phishing and smishing attacks. Phishing is a practice of sending malicious emails to users. Smishing is a combined form of SMS and Phishing in which invaders send SMS containing malicious content to the victim. This content sometimes includes links which redirect the user to websites containing malicious applications and user interfaces. Researchers have proposed various methods in past years to detect smishing but still, we lack a method that significantly avoids false-positive results i.e. falsely categorizing a message as malicious when it is genuine. Hence, we have proposed a model called ’Smishing Detector’ to identify smishing messages while reducing false-positive results at every possible step. The proposed method consists of four modules, namely, SMS Content Analyzer, URL Filter, Source Code Analyzer and Apk Download Detector. SMS Content Analyzer analyzes the text message contents. Naive Bayes Classification Algorithm is used to identify the malicious contents and keywords present in the text message. URL Filter inspects the URL to identify malicious features. Source Code Analyzer examines the source code of the website to identify the harmful code embedded in it. Form tag and URL domain present in the source code are also inspected in this module. APK Download Detector identifies whether any malicious file is downloaded while invoking the URL. User consent taken while downloading the file is also inspected in this module. Finally, we have developed a prototype of the proposed system which has been validated with experiments on SMS datasets. In this paper, we have demonstrated the results of each module separately and also we have demonstrated the final results. The results of the experiments show an overall accuracy of 96.29%. We have compared this model with other models proposed by various researchers and we have found that this model covers more security aspects as compared to other models.

智能手机的普及及其与万维网的持续连接使这些设备容易受到网络钓鱼和网络钓鱼攻击。网络钓鱼是向用户发送恶意电子邮件的一种做法。垃圾邮件是SMS和网络钓鱼的组合形式，入侵者将包含恶意内容的SMS发送给受害者。该内容有时包含将用户重定向到包含恶意应用程序和用户界面的网站的链接。过去几年中，研究人员提出了各种方法来检测垃圾邮件，但是，我们仍然缺乏一种能够有效避免假阳性结果的方法，例如，当消息是真实消息时，将消息错误地归类为恶意。因此，我们提出了一个名为“ Smishing Detector”的模型，用于识别垃圾邮件，同时在每个可能的步骤中减少假阳性结果。所提出的方法包括四个模块，即SMS内容分析器，URL过滤器，源代码分析器和Apk下载检测器。SMS内容分析器分析文本消息的内容。朴素贝叶斯分类算法用于识别文本消息中存在的恶意内容和关键字。URL筛选器检查URL以识别恶意功能。源代码分析器检查网站的源代码，以识别其中嵌入的有害代码。源代码中存在的表单标签和URL域也在此模块中进行检查。APK Download Detector可以识别在调用URL时是否下载了任何恶意文件。在此模块中还将检查下载文件时获得的用户同意。最后，我们已经开发了所建议系统的原型，该原型已通过SMS数据集上的实验进行了验证。在本文中，我们分别演示了每个模块的结果，并且还演示了最终结果。实验结果表明，总体准确性为96.29％。我们将该模型与各种研究人员提出的其他模型进行了比较，发现与其他模型相比，该模型涵盖了更多的安全方面。