Detecting Credential Phishing using Deep Learning + MQL
Blog post from Sublime Security
Sublime's Message Query Language (MQL) is an interface designed to help detect and prevent email attacks through sophisticated logic, and it is particularly effective against credential phishing. One of its key components, LinkAnalysis, identifies suspicious links by navigating to the linked web pages, capturing screenshots, and analyzing them with techniques like computer vision to determine whether they are phishing sites. This process involves a context classifier that evaluates link authenticity, an automated headless browser that visits websites, and deep learning object detection models that identify elements such as logos and input boxes on a page. The system further employs Siamese Neural Networks and optical character recognition to recognize brand impersonation, while Pixel Math logic assesses whether detected input boxes are part of login portals. By combining these technologies, MQL defends against phishing by automatically identifying, flagging, and preventing potential threats before they can harm users.
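The sketch below is an added example, not Sublime's code. It shows how the stages described above could be combined into a verdict once a screenshot has been analyzed. The `Box` detection format, the stacked-input geometry rule standing in for Pixel Math, the 0.85 similarity threshold, and the `ExampleBank` brand and domains are all assumptions made for illustration.

```python
from dataclasses import dataclass
from urllib.parse import urlsplit

@dataclass(frozen=True)
class Box:
    """One detection from a hypothetical object detector, in screenshot pixels."""
    label: str   # "input", "button" or "logo"
    x: float     # left edge
    y: float     # top edge
    w: float
    h: float

def stacked(a: Box, b: Box) -> bool:
    """True if b sits directly below a and the two are column-aligned."""
    overlap = min(a.x + a.w, b.x + b.w) - max(a.x, b.x)
    gap = b.y - (a.y + a.h)
    return overlap >= 0.8 * min(a.w, b.w) and 0 <= gap <= 2 * a.h

def has_login_form(boxes: list[Box]) -> bool:
    """Assumed heuristic: two stacked inputs with a button under the lower one."""
    inputs = sorted((b for b in boxes if b.label == "input"), key=lambda b: b.y)
    buttons = [b for b in boxes if b.label == "button"]
    return any(stacked(u, p) and any(stacked(p, btn) for btn in buttons)
               for i, u in enumerate(inputs) for p in inputs[i + 1:])

def host_belongs_to(url: str, domains: set[str]) -> bool:
    """Exact host or true subdomain match; a brand name used as a prefix fails."""
    host = (urlsplit(url).hostname or "").lower()
    return any(host == d or host.endswith("." + d) for d in domains)

def verdict(url, boxes, brand, similarity, brand_domains, min_similarity=0.85):
    """Login form + confident brand match + host outside the brand's domains."""
    if not has_login_form(boxes):
        return "no_login"
    known = brand_domains.get(brand, set())
    if brand and similarity >= min_similarity and not host_belongs_to(url, known):
        return "phishing"
    return "login"

# Constructed sample: detections for a page with a logo, two fields and a button.
SAMPLE = [Box("logo", 440, 120, 120, 40), Box("input", 400, 200, 200, 36),
          Box("input", 400, 250, 200, 36), Box("button", 400, 300, 200, 40)]
DOMAINS = {"ExampleBank": {"examplebank.example"}}
```

The host check is what separates a genuine branded login page from an impersonation: the same detections on the brand's own domain return `"login"`, while a host that only embeds the brand name as a prefix returns `"phishing"`.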