Email phishing remains a prevalent cyber threat, targeting victims to extract sensitive information or deploy malicious software. This paper explores the integration of open-source intelligence (OSINT) tools and machine learning (ML) models to enhance phishing detection across multilingual datasets. Using Nmap and theHarvester, this study extracted 17 features, including domain names, IP addresses, and open ports, to improve detection accuracy. Multilingual email datasets, including English and Arabic, were analyzed to address the limitations of ML models trained predominantly on English data. Experiments with five classification algorithms: Decision Tree, Random Forest, Support Vector Machine, XGBoost, and Multinomial Na\"ive Bayes. It revealed that Random Forest achieved the highest performance, with an accuracy of 97.37% for both English and Arabic datasets. For OSINT-enhanced datasets, the model demonstrated an improvement in accuracy compared to baseline models without OSINT features. These findings highlight the potential of combining OSINT tools with advanced ML models to detect phishing emails more effectively across diverse languages and contexts. This study contributes an approach to phishing detection by incorporating OSINT features and evaluating their impact on multilingual datasets, addressing a critical gap in cybersecurity research.

翻译：电子邮件钓鱼攻击作为一种普遍存在的网络威胁，旨在诱骗受害者泄露敏感信息或部署恶意软件。本文探讨了如何整合开源情报工具与机器学习模型，以提升针对多语言数据集的钓鱼邮件检测能力。本研究利用Nmap与theHarvester提取了包括域名、IP地址及开放端口在内的17项特征，以提高检测准确率。通过分析包含英语和阿拉伯语在内的多语言邮件数据集，解决了主要基于英语数据训练的机器学习模型存在的局限性。实验采用了五种分类算法：决策树、随机森林、支持向量机、XGBoost以及多项式朴素贝叶斯。结果表明，随机森林算法在英语和阿拉伯语数据集上均取得了最优性能，准确率达到97.37%。在融合OSINT特征的数据集上，该模型相较于未使用OSINT特征的基线模型展现出更高的准确率。这些发现凸显了将OSINT工具与先进机器学习模型相结合，在不同语言和语境下更有效检测钓鱼邮件的潜力。本研究通过引入OSINT特征并评估其在多语言数据集上的影响，提出了一种钓鱼邮件检测方法，弥补了网络安全研究中的一个关键空白。