Anti-Phishing platform
for rapid identification and takedowns.



With over 90% of breaches attributed to phishing campaigns,  it’s no surprise that phishing attacks cost organisations around the world billions of dollars annually. The most common outcomes of a successful phishing attack include direct financial losses due to customer account compromise, unfavourable brand reputation and loss of customer trust, plus increasing clean-up and mitigation costs.

A wealth of phishing intelligence
PhishDB is a turnkey solution covering the entire phishing life cycle – from the earliest stages of a phishing attack to the takedown and removal of phishing websites. Addressing many of the shortcomings of anti-phishing tools currently available to customers, PhishDB focuses heavily on 

  • Automation
  • Fast and accurate detection
  • Phishing site lifespan reduction
  • Campaign and redirection tracking
  • Providing a continuous timeline view of a site at any point in its lifecycle.



  • Save time and money
  • Mitigate losses
  • Rapid identification and takedowns

  • Reduce overall phishing site lifespan
  • Get a clear top-down campaign overview
  • Simple flat price structure


Rapid implementation

Simply provide us with the brands you are interested in protecting, and we'll do the rest.

All data on protected brands will be available in the PhishDB portal, and we'll start sending takedowns right away.



Continuous life-cycle monitoring

PhishDB uses PhantomJS lazy-loading technology to automatically render the content of URLs the way a user's browser would see it. We save a complete screenshot of the site as well as the source code that was presented to the browser. For our customers’ brands , we create captures of URLs every 3 hours.

This type of monitoring gives a complete picture of how a site changes over time, and is critical for tracking brand-targeting rotation, redirection campaigns, and detecting page state changes.

Auto-identification engine

Core to PhishDB is our Auto-Identification Engine, which uses custom algorithms based on fuzzy hashing, which allows us to compare two distinctly different items and determine a fundamental level of similarity, represented as a percentage.

Takedown engine

Our fully-automated Takedown Engine continuously queries URLs containing active phish for our customers, and sends templated takedowns with all the relevant data the hosting provider needs to locate and take down the phish.

Redirection & campaign tracking

Malicious actors continually rotate through redirector URLs in spam campaigns so that the landing pages themselves are not picked up by modern spam detection engines. However, PhishDB continuously mines and reviews content scrapes to map out the relationships between pages.

This allows you to view the source pages a URL is redirected from, as well as the target pages that it redirects to. This mapping allows you to track entire campaigns with ease.


To bring additional usefulness for reporting and compliance to our customers, we include a suite of metrics regarding phishing campaigns against their brands, including

  • Number of New and Shutdown Active Phish
  • Average and Median Time to Takedown Sent
  • Responsive Hosting Provider Shutdown Time
  • Unresponsive/Bulletproof Hosting Provider Shutdown Time.


A CSV export option allows you to export the raw underlying data in your own reports or spreadsheets. Our regular management reports also provide macro metrics about trends for

  • The most targeted phishing brands
  • The worst hosting providers (regarding phishing delivered from their network), and
  • The worst IPv4 and IPv6 addresses.



Key features

  • Continuous lifecycle monitoring
  • Fully-automated identification and categorisation of content scrapes
  • Fully-automated takedown system
  • Screenshots and source code of every content scrape
  • Redirection relationship and campaign mapping

  • Easy implementation
  • Online portal provides access to all data related to phishing against your brands
  • Historical and current metrics concerning all aspects of the phishing lifecycle
  • Intelligence provider partnerships for comprehensive view of all phishing campaigns
  • ISP partnerships for faster takedowns


Benefits in more detail

Faster takedowns
Continuous lifecycle monitoring combined with our automated takedowns engine identifies malicious phishing pages quickly, resulting in faster takedowns. This approach is aimed at reducing overall phishing site lifespan to mitigate losses, saving you time and money.

24/7 automated protection
A fully-automated approach ensures that active phishing pages never sit around waiting for manual human review. Our system operates around the clock to identify malicious phishing pages and performs takedown actions day and night.

Full redirection tree tracking
The platform performs full redirection tree tracking to monitor the individual redirection sources and targets of every individual page within a campaign, allowing us to provide you with a top-down campaign view (including all sub-pages and redirectors related to a specific phishing incident).

The entire picture
Our phishing portal provides a clear overview of all relevant phishing statistics, campaigns, and active URLs to give you the entire picture of the current and historical phishing threat level and activity for your brands.

One simple flat price
No confusing per-incident or per-takedown pricing – just pay a simple flat price to protect all of your brands, and leave the rest to us.





Get PhishDB for your organisation.

Choose between:

Thank you for your interest in CSIS

We will get back to you as soon as possible.