PhishBuster

Phishing is a cybercrime in which a target or targets are contacted by email, call (vishing) or SMS (smishing) by someone posing as a legitimate institution to lure individuals into providing sensitive data such as personally identifiable information, banking details and passwords.

The information is then used to access important accounts and can result in identity theft and financial loss.

  • Too Good To Be True - Lucrative offers and attention-grabbing statements are designed to attract people's attention immediately. For instance, many claim that you have won a lottery or some other lavish prize. Just don't click on any suspicious emails. Remember that if it seems too good to be true, it probably is!
  • Sense of Urgency - A favorite tactic amongst cybercriminals is to ask you to act fast because the super deals are only for a limited time. Some of them will even tell you that you have only a few minutes to respond. When you come across these kinds of emails, it's best to just ignore them. Sometimes, they will tell you that your account will be suspended unless you update your personal details immediately. They do so to make you anxious so that you don't pay attention to details like website design, logo, font size, etc. When in doubt, visit the source directly rather than clicking a link in an email.
  • Hyperlinks - A link may not be all it appears to be. Hovering over a link shows you the actual URL you will be directed to when you click on it. It could be completely different, or it could be a popular website with a misspelling (typosquatting), for instance www.g00gle.com, where the 'o' (letter o) is actually a '0' (digit 0). The attacker could also be using other techniques to hide the actual URL, so look carefully.
  • Attachments - If you see an attachment in an email you weren't expecting or that doesn't make sense, don't open it! They often contain payloads like ransomware (encrypts all the files on your device) or other viruses. The only file type that is always safe to click on is a .txt file.
  • Unusual Sender - Whether it looks like it's from someone you don't know or someone you do know, if anything seems out of the ordinary, unexpected or just suspicious in general, don't click on it! Attackers can use a technique called email spoofing to impersonate someone you know, a well-known personality or a big company.

What is PhishBuster?

The aim of the project is to reduce the number of phishing victims.

It does this by analyzing the URL and checking for typosquatting or other practices used by attackers to disguise a phishing URL.
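The kind of URL check described above can be sketched as follows. This is an added example, not PhishBuster's own code: the function names, the small look-alike table, the edit-distance threshold and the mybank.example sample URLs are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Assumed, deliberately small table of look-alike characters (digit 0 for letter o, ...).
LOOKALIKES = str.maketrans("01357", "olest")

def host_of(url):
    """Lowercased host of a URL; urlsplit drops any 'user@' prefix, port and path."""
    if "://" not in url:
        url = "//" + url  # lets urlsplit parse a bare 'www.site.com/x' as a host
    host = (urlsplit(url).hostname or "").rstrip(".")
    return host[4:] if host.startswith("www.") else host

def edit_distance(a, b):
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify(suspected_url, legit_domain, max_edits=2):
    """Return 'match', 'lookalike' or 'different' for the suspected URL's host."""
    host, legit = host_of(suspected_url), host_of(legit_domain)
    if not host:
        return "different"
    if host == legit or host.endswith("." + legit):
        return "match"  # the real domain or one of its subdomains
    norm_host, norm_legit = host.translate(LOOKALIKES), legit.translate(LOOKALIKES)
    # Distance 0 after normalisation is a pure character swap (g00gle.com);
    # a small non-zero distance is a missing, extra or transposed character.
    if edit_distance(norm_host, norm_legit) <= max_edits:
        return "lookalike"
    # Heuristic: the brand label embedded in some other domain's host name.
    brand = norm_legit.split(".")[0]
    if len(brand) >= 4 and brand in norm_host:
        return "lookalike"
    return "different"

if __name__ == "__main__":
    # Constructed sample inputs; only www.g00gle.com comes from the text above.
    for url, legit in [("http://www.g00gle.com/login", "google.com"),
                       ("mybnak.example/reset", "mybank.example"),
                       ("https://mybank.example@login.test/", "mybank.example")]:
        print(url, "->", classify(url, legit))
```

A result of 'different' still means the link does not lead to the site it is supposed to be, as in the third sample, where the familiar name sits before the '@' and the real host is login.test.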

How do I use PhishBuster?

  • Paste the URL into the "Enter the URL" section, select the site it resembles or is supposed to be, and click START SCAN. PhishBuster will tell you whether it is a phishing site or not.
  • You can go to the CONTRIBUTE section and click on reports to see the list of all the phishing URLs saved from the scans and report them to their respective domain name registrars.

Anything for Developers?

PhishBuster API

Send a GET request to the PhishBuster site with the suspected link, followed by +, followed by the site it is trying to refer to.
E.g. https://phishbuster-web.herokuapp.com/api/suspected+refering
NOTE: To use the API, use call_api.py for proper functioning.

Steps:

  1. Set inurl to the input URL and seurl to the original domain.
  2. Run python call_api.py to use the PhishBuster API.
  3. You will receive JSON output with 3 fields: Input URL, Original URL and Phishing Site (Boolean output).