Use Urlscan.Io To Identify Phishing And Spear-Phishing Websites

Phishing and spear-phishing are social engineering attacks that trick victims into giving sensitive information or clicking on malicious links. Phishing is aimed at anyone, spear-phishing is personal.

Background:

urlscan.io is a service to scan and analyze websites. When a URL is submitted to urlscan.io, an automated process will browse to the URL like a regular user and record the activity that this page navigation creates. This includes the domains and IPs contacted, the resources (JavaScript, CSS, etc) requested from those domains, as well as additional information about the page itself. urlscan.io will take a screenshot of the page, record the DOM content, JavaScript global variables, cookies created by the page, and a myriad of other observations.

Exercise:

Use urlscan.io to identify phishing and spear-phishing websites.

Example:

Using monkeytype.com, I used urlscan and it provided much information such as a screenshot of the connection, the URL history, the summary of where it connected and when, and domain/ip information.