Abstract
Email remains the most targeted vector for cyberattacks, with phishing and spam causing severe financial and reputational damage worldwide. Although machine learning (ML) has improved detection accuracy, current systems still face challenges balancing precision and efficiency under high-volume conditions that can trigger resource exhaustion attacks. This paper introduces an adaptive email threat detection framework combining deep learning with fuzzy hashing for accuracy and speed. Five models: Random Forest, Support Vector Machine, LSTM, Bidirectional LSTM (BLSTM), and Bidirectional GRU were trained on 85,736 emails spanning 2000 to 2024, including 50,374 spam and 35,362 legitimate messages from CEAS, Enron, Ling-Spam, and 2023-2024 archives. The BLSTM achieved the best performance with 99.18% accuracy, 99.00% precision, 99.25% recall, and a 99.17% F1-score, outperforming ML baselines (RF: 98.92%, SVM: 98.72%). Cross-temporal validation on unseen 2023 data confirmed strong generalization (96.25%). A hybrid BLSTM-SSDEEP system reduced detection time from 65.19 s to 14.74 s (77.4% faster) while sustaining 99% accuracy, demonstrating an effective and scalable defense against polymorphic phishing, large-scale spam, and resource exhaustion attacks.