With over 90% of breaches attributed to phishing campaigns, it’s no surprise that phishing attacks cost organisations around the world billions of dollars annually. The most common outcomes of a successful phishing attack include direct financial losses due to customer account compromise, unfavourable brand reputation and loss of customer trust, plus increasing clean-up and mitigation costs.
A wealth of phishing intelligence
PhishDB is a turnkey solution covering the entire phishing life cycle – from the earliest stages of a phishing attack to the takedown and removal of phishing websites. Addressing many of the shortcomings of anti-phishing tools currently available to customers, PhishDB focuses heavily on
Simply provide us with the brands you are interested in protecting, and we'll do the rest.
All data on protected brands will be available in the PhishDB portal, and we'll start sending takedowns right away.
PhishDB uses PhantomJS lazy-loading technology to automatically render the content of URLs the way a user's browser would see it. We save a complete screenshot of the site as well as the source code that was presented to the browser. For our customers’ brands , we create captures of URLs every 3 hours.
This type of monitoring gives a complete picture of how a site changes over time, and is critical for tracking brand-targeting rotation, redirection campaigns, and detecting page state changes.
Core to PhishDB is our Auto-Identification Engine, which uses custom algorithms based on fuzzy hashing, which allows us to compare two distinctly different items and determine a fundamental level of similarity, represented as a percentage.
Our fully-automated Takedown Engine continuously queries URLs containing active phish for our customers, and sends templated takedowns with all the relevant data the hosting provider needs to locate and take down the phish.
Malicious actors continually rotate through redirector URLs in spam campaigns so that the landing pages themselves are not picked up by modern spam detection engines. However, PhishDB continuously mines and reviews content scrapes to map out the relationships between pages.
This allows you to view the source pages a URL is redirected from, as well as the target pages that it redirects to. This mapping allows you to track entire campaigns with ease.
To bring additional usefulness for reporting and compliance to our customers, we include a suite of metrics regarding phishing campaigns against their brands, including
A CSV export option allows you to export the raw underlying data in your own reports or spreadsheets. Our regular management reports also provide macro metrics about trends for
Continuous lifecycle monitoring combined with our automated takedowns engine identifies malicious phishing pages quickly, resulting in faster takedowns. This approach is aimed at reducing overall phishing site lifespan to mitigate losses, saving you time and money.
24/7 automated protection
A fully-automated approach ensures that active phishing pages never sit around waiting for manual human review. Our system operates around the clock to identify malicious phishing pages and performs takedown actions day and night.
Full redirection tree tracking
The platform performs full redirection tree tracking to monitor the individual redirection sources and targets of every individual page within a campaign, allowing us to provide you with a top-down campaign view (including all sub-pages and redirectors related to a specific phishing incident).
The entire picture
Our phishing portal provides a clear overview of all relevant phishing statistics, campaigns, and active URLs to give you the entire picture of the current and historical phishing threat level and activity for your brands.
One simple flat price
No confusing per-incident or per-takedown pricing – just pay a simple flat price to protect all of your brands, and leave the rest to us.