As part of their security solutions, Proofpoint provides a service to scan URLs embedded in clients’ emails, and determine whether they lead to sites containing malware. Suspicious URLs are redirected to a virtual environment, or sandbox, where they are tested for maliciousness. The goal of our project is to create a machine learning classifier which can better detect malicious URLs, so that fewer URLs need to be sandboxed. We investigated various models and features to create a number of options for such a classifier.