Adealix Jairon N. Maranan*, Kent S. Madrideo, Sharwin John C. Marbella, Kevin R. Ofracio, Paul Dominic A. Syparrado, and Pops V. Madriaga (Authors)

Abstract

The phishing scam method is one of the most widespread cybersecurity threats, and nowadays, many different attacks are done not only via email but also via the mobile platform, including SMS with smishing and instant messaging apps. The majority of available studies and remedies in phishing detection focus on the desktop platform, utilizing browser plug-ins or extensions, which do not adequately address the escalating risks on mobile platforms, where students are increasingly accessing academic, financial, and communication services. The proposed research suggests a cross-platform mobile-first phishing detection system that uses an AI-driven cloud API. With this, the system design will allow intercepted URLs in SMS, email, and messaging apps to be directed to a centralized API that identifies links as either safe, suspicious, or even malicious and opens them. This interception can be implemented in mobile devices using lightweight security applications configured as the default link handler, and on desktops, laptops, and other electronic devices using browser plug-ins or middleware clients. The research will conduct an impact analysis of this cloud-based detection framework on various devices, evaluating detection accuracy, false positives, latency, bandwidth usage, and general usability in comparison to conventional phishing defense mechanisms. Focusing on mobile-first environments while maintaining compatibility with desktops, the research aims to fill the gap in current academic methodologies and the real-life status of mobile phishing attacks, including spoofed SMS messages that falsely claim to be digital wallets or university portals. It is anticipated that by demonstrating the ability to offer effective, scalable, and practical phishing protection that is reflective of current user behavior, where mobile devices are the primary means of daily communication and where attackers are increasingly targeting mobile devices, the contribution will be made.

Keywords: Phishing, smishing, cybersecurity, browser plug-ins, extensions, AI-Driven Cloud Api, link handler, cross-platform security, mobile-first, threat detection, latency, false positives, false negatives, detection accuracy, bandwidth usage, usability, user trust, digital wallets, messaging apps, cloud-based security

*Corresponding author

DOI: http://doi.org/10.69651/PIJHSS0404496

Recommended citation:

Maranan, A. J. N., Madrideo, K. S., Marbella, S. J. C., Ofracio, K. R., Syparrado, P. D. A., & Madriaga, P. V. (2025). Impact analysis of mobile-first AI-assisted Phishing Detection across platforms using Cloud APIs. Pantao (The International Journal of the Humanities and Social Sciences) 4 (4), 5358-5368. http://doi.org/10.69651/PIJHSS0404496

Read the full text

References

Verizon. (2023). 2023 data breach investigations report (DBIR). Verizon Enterprise. https://www.verizon.com/business/resources/reports/dbir/

Moghimi, F., & Varjani, A. Y. (2016). New rule-based phishing detection method. Expert Systems with Applications, 53, 231–242. https://www.sciencedirect.com/science/article/abs/pii/S0957417416000385

Alghamdi, A., Gutub, A., & Alzahrani, M. (2020). A survey on phishing detection techniques. International Journal of Advanced Computer Science and Applications, 11(5), 1–8. https://www.researchgate.net/publication/294823697_A_survey_on_phishing_detection_and_prevention_technique

Shahraki, A., Karimipour, H., & Dehghantanha, A. (2021). Mobile application link-based phishing detection: A machine learning approach. Journal of Information Security and Applications, 58, 102–112. https://www.mdpi.com/1999-4893/16/8/366

Azad, M. A., et al. (2023). Phish-Jam: An ensemble learning approach for phishing URL detection. Sensors, 23(2), 490. https://www.researchgate.net/publication/388569146_An_Ensemble_Approach_to_Phishing_URL_Detection_Using_Supervised_Machine_Learning

Li, Y., Tan, H. K., Meng, Q., Lock, M. L., Cao, T., Deng, S., Oo, N., Lim, H. W., & Hooi, B. (2018). PhishINTEl: Toward practical deployment of reference-based phishing detection. arXiv. https://arxiv.org/html/2412.09057v1

Hriday, D., Kulkarni, A., Balachandran, V., & Das, T. (2025, September 10). Phish-Blitz: Advancing phishing detection with comprehensive webpage resource collection and visual integrity preservation. arXiv. https://arxiv.org/html/2509.08375v1

Dalton, T., Gowda, H., Rao, G., Pargi, S., Khodabakhshi, A., Ramos, J., Jou, S., & Marwah, M. (2025, July 14). PhreshPhish: A real-world, high-quality, large-scale phishing website dataset and benchmark. arXiv. https://arxiv.org/html/2507.10854v1

Lookout Threat Advisory. (2023). Lookout threat advisory. Lookout. https://www.lookout.com/documents/datasheets/us/lookout-threat-advisory-ds-us.pdf

Google Transparency Report. (2025). Google transparency report. https://transparencyreport.google.com/safe-browsing/search?hl=en

Anti-Phishing Working Group. (2024). Phishing activity trends report. APWG. https://docs.apwg.org/reports/apwg_trends_report_q4_2023.pdf

Microsoft. (2023). Microsoft digital defense report. Microsoft. https://cdn-dynmedia-1.microsoft.com/is/content/microsoftcorp/microsoft/final/en-us/microsoft-brand/documents/MDDR-executivesummary-Oct2023.pdf