Blogposts and resources from the Phish Report team

For years phishing sites have been using services like Cloudflare to hide from security scanners, ...

IOK ("Indicator of Kit") is a small, open source language d...

Anti-analysis checks are used by phishing sites to detect when they're being accessed by security ...

The Phish Report threats team have identified an organised threat actor (codenamed RedLungfish) wh...

Let's write an IOK signature for a WhatsApp phishing kit which targeted Chinese-speaking users for...

Cloning a login page in order to make phishing sites takes only a few seconds. There's a good chan...

Phishing kits are generally sold on underground forums and can be tricky (at least ethically!) for...

Who hosts that website? Seems a simple question, but it's very hard to consistently get the right ...

urlscan.io is an incredible tool for taking a snapshot of a phishing website...

The trend towards statically generated websites hasn't been limited to legitimate websites. Increa...

As a startup, building and protecting your brand is essential to success. Unfortunately, cybercrim...

There's too many suspicious URLs going round to manually check every one to see if it's malicious....

Phishers love to use URL shorteners, but this can actually be a benefit for defenders too. Wouldn'...

The key to successfully combating phishing is detecting it early: the sooner you can report a phis...

You'd expect phishing sites to be hard to detect and track, but actually, many of them contain HTM...

Just like any other website, phishing sites can have security vulnerabilities. But, for once, thes...

This week the IDs we use for identifying Phish Report cases got 20% longer, but twice as reliable....