Spot the Phish
Pretty sure you can spot a phishing site in the wild? Try your hand at our Spot the Phish game and see what your score is! Review 5 randomized pairs of side-by-side sites and click on the phish.
Spot the Phish - Wells Fargo
Did you know hackers can use HTTPS protocol for phishing sites to create a sense of trust and legitimacy for users? Even phishing sites can get the HTTPS certification and secure site padlock icon beside their URL. The padlock does not mean the website is safe, only that the connection is encrypted, but this often creates a false sense of security for users.
Spot the Phish - Wells Fargo
Phishing sites can use special characters that human eyes often don’t detect within the URLs. For example, ɑ looks very similar to a, but they are different. Hackers use letters from the Cyrillic alphabet and other foreign languages with nearly identical characters to get you onto their phishing sites.
Spot the Phish - Apple
With the growing popularity of the dark web for illegal commerce, it’s easy for hackers to purchase phishing kits that can spin up similar to nearly identical copycat websites featuring matching fonts, logos, and images. Popular kits include Kali Linux, Zphisher, and SocialPhish.
Spot the Phish - Apple
If clever character substitutions in URLs don’t fool you, you could still end up on a phishing site through malicious redirects placed on compromised sites. Traffic is redirected from the legitimate site to hacker-controlled replica sites. Machine Learning outsmarts this technique by training models to look at specific phishing features beneath the surface of site presentation.
Spot the Phish - AT&T
Hackers can create a pixel-to-pixel identical website. Everything from logos to fonts, even to how the URL is displayed on the page, is intended to mislead targets to enter their credentials on the clone site.
Spot the Phish - AT&T
Packet patterns can see what the eye cannot. These two identical-looking websites have distinct packet dynamics. Bytes sent and bytes received over time look very different. We can see overall characteristics frequency in size, the ratio of bytes sent to bytes received, and actual encrypted bytes to evaluate patterns in encryption use and strength of encryption against our ML model.
Spot the Phish - Bank of America
According to the US Federal Bureau of Investigation, phishing attacks are expected to increase by as much as 400% yearly. The websites most likely to be targeted belong to financial institutions, email and social media platforms, and eCommerce retail stores.
Spot the Phish - Bank of America
These are very different flows. One is legitimate, the other is malware. The bars that go up are packets that are sent from the client to the server, uploads. The bars going down represent bytes from the server to the client, downloads. The space between the bars represents the interpacket arrival time or how much time is spent between these packets being sent. Legitimate websites typically invest in greater resources and return results with smaller spaces between the bars.
Spot the Phish - Netflix
Hackers often use legitimate-looking domains with lookalike words using similar letter or number combinations to attack you. This is called “Domain Spoofing.”
Spot the Phish - Netflix
ThreatEye uses a trained machine learning model that ingests data from thousands of known phishing sites against known legitimate sites to detect any traits that would be exhibited by phishing sites.
Thanks for playing!
YOU SCORED
Enter your info below to be entered into our monthly raffle for an Oculus Quest headset!
Ready to talk about your network?
Let us introduce you to the world’s only all-in-one network visibility platform.