How Text Detection Is Used In Phishing Protection



Text Detection in Phishing Protection has become an essential asset 

When we were approached by a cybersecurity company to discuss how our technology could be used in the context of anti-phishing, we didn’t anticipate just how important text detection would be in helping to detect and block phishing attacks. 

Cybersecurity professionals work hard to keep their technology up to date. However, with APWG reporting consistent growth in phishing attacks each quarter, it’s clear there may be technologies that they are missing out on. The fact is, cybercriminals work just as hard, and they have caught on to the technologies being employed. Now, they evade detection by turning trigger words and even entire emails and web pages into images so they can slip through the net with alarming ease. It comes as little surprise, then, that APWG’s most recent report reveals that December 2021 saw not only an increase in reported attacks, but the highest number reported in the history of the organization. It’s clear that something is missing, and that something may very well be text detection.

[Image: visual phishing risk scoring of a fake Google sign-in form]

Why is text detection so important?

Text detection is an aspect of computer vision technology that enables software to “read” text. In general terms, it is known as OCR (Optical Character Recognition), as popularized in scanning applications. But if OCR converts text in images into readable and editable text, why would this be needed when it comes to phishing detection?

It comes down to the latest techniques used by bad actors to hide from anti-phishing systems, which tend to focus on programmatic methods of detection. The end result is the large volume of phishing emails making it through to user inboxes, and the fact that more than 90% of compromises begin with a phishing email.


Text Detection in Phishing Protection

Bad actors know that detection systems look at the code of an email or website, so they use a couple of obfuscation techniques to avoid detection:

  1. Code-based obfuscation
    Used on phishing web pages, this technique relies on JavaScript to pad a word that scammers know will be tracked by phishing detection platforms. In the code, it looks like a stream of random letters, but when the page is rendered by the browser, the JavaScript strips out the random characters, leaving the actual word shown. The example below highlights this very well.
  2. Graphical obfuscation
    This technique works equally well for both emails and web pages. Bad actors simply convert a word, a section, or the entire email/page into a graphic. So again, if you look at the code, you don’t see any troubling words, like ‘login’, ‘password’, or ‘payment’. Instead, you simply see an inline image, which is typically called something innocuous like ‘image1.jpg’.
[Image: obfuscation example]
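
To make the two techniques concrete, here is a minimal Python sketch of why a purely code-level scan can miss them. Everything in it is an assumption made for illustration: the padding token `zq`, the sample markup, and the `scan_source` and `simulate_render` helpers are hypothetical, and `simulate_render` only stands in for what a real browser would do when it runs the page's script.

```python
import re
from typing import Set

# Trigger words taken from the examples in the text above.
TRIGGER_WORDS = {"login", "password", "payment"}

# Hypothetical padding token that the page's script would strip at render time.
PADDING = "zq"

def scan_source(source: str) -> Set[str]:
    """Naive code-level scan: report trigger words that appear literally in the text."""
    lowered = source.lower()
    return {word for word in TRIGGER_WORDS if word in lowered}

def simulate_render(source: str) -> str:
    """Stand-in for the browser: strip the padding token, then drop the tags."""
    without_padding = source.replace(PADDING, "")
    return re.sub(r"<[^>]+>", " ", without_padding).strip()

# 1. Code-based obfuscation: the word is padded in the markup.
padded_page = '<span id="w">pzqazqszqszqwzqozqrzqd</span>'

# 2. Graphical obfuscation: the markup holds only an innocuous image reference.
image_only_email = '<p><img src="image1.jpg"></p>'

print(scan_source(padded_page))                   # nothing found in the raw code
print(scan_source(simulate_render(padded_page)))  # the word appears once rendered
print(scan_source(image_only_email))              # nothing found; the text lives in the image
```

In the image-only case there is nothing for a source scan to find at any stage, which is why the text has to be read from the rendered pixels instead.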

In both cases, the goal for bad actors is to display the undoctored version to users and make it look legitimate. So Visual-AI operates post-render by capturing the email/web page as a flat image and analyzing it. That’s where text detection comes into its own. It analyzes all the text (now burnt into the image) and converts it into machine-readable words.

It can provide a complete transcript of every word or can be tasked to look only for trigger words that might indicate a higher level of risk.
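
As a rough illustration of the trigger-word mode, the sketch below scans a transcript for a small set of words and adds up a simple score. It assumes the transcript has already been produced by an OCR step on the rendered image. The word list, the weights, and the function names are hypothetical and are not a description of how Visual-AI scores risk.

```python
import re
from typing import Dict

# Hypothetical trigger words with illustrative weights (not a real scoring model).
TRIGGER_WEIGHTS = {"login": 1, "password": 2, "payment": 2}

def find_trigger_words(transcript: str) -> Dict[str, int]:
    """Count whole-word, case-insensitive trigger-word hits in an OCR transcript."""
    counts: Dict[str, int] = {}
    for word in re.findall(r"[a-z]+", transcript.lower()):
        if word in TRIGGER_WEIGHTS:
            counts[word] = counts.get(word, 0) + 1
    return counts

def risk_score(counts: Dict[str, int]) -> int:
    """Sum the weight of every hit; a higher score suggests a closer look is needed."""
    return sum(TRIGGER_WEIGHTS[word] * n for word, n in counts.items())

# Example transcript, as it might come back from OCR on a rendered page.
ocr_transcript = "Sign in to continue. Enter your password to confirm your payment."

hits = find_trigger_words(ocr_transcript)
print(hits)
print(risk_score(hits))
```

In practice a score like this would be one signal among several rather than a verdict on its own.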

These are just two examples of how text detection can help, but in practice, it doesn’t matter what techniques cybercriminals use because Visual-AI processes at the post-render stage. A number of studies have also found that this combined textual and visual approach to anti-phishing should be the baseline for phishing detection technology.

Technology must keep improving 

With the knowledge that bad actors are always learning new ways to evade detection, it is obvious that technology needs to be continually improved in order to achieve maximum efficiency. With new visual attack vectors coming down the line, computer vision and text detection will play an increasingly important role in threat detection.

Artificial intelligence, most notably text and image detection, will remain an important and persistent player in this quest for continual improvement. With that in mind, it’s vital that cybersecurity companies ensure that their AI providers are also committed to consistent improvement and to remaining in tune with new challenges for phishing protection as they arise.

Want To Talk?

Visual-AI, and specifically text detection, should be an integral part of any anti-phishing system. With 19.8% of employees clicking on phishing links in emails, it’s important for an anti-phishing system to flag and stop those emails from reaching an employee’s inbox in the first place.

VISUA works with leading cybersecurity companies to empower their technology with Visual-AI. If this is something you are interested in, we’re ready to talk! Fill in the form below, and in the meantime, you can watch our video in which our CTO explains how Computer Vision and Cybersecurity work together.
