understanding favicons as phishing indicators:
Favicons, the small icons associated with websites, play a crucial role in phishing detection. Attackers often replicate legitimate favicons to create deceptive phishing pages, aiming to trick users into believing they are interacting with trusted websites. By familiarizing ourselves with commonly abused favicons, we can enhance our ability to identify and combat phishing attempts effectively.
urldna most abused favicons: charting phishing trends:
Based on an analysis of recent phishing campaigns, the following chart showcases the top 10 abused favicons in our databases:
All product names, logos, brands, trademarks and registered trademarks are property of their respective owners.
How to search for a Favicon on urldna:
In order to find website in urldna database that have a specific favicon you can use this query:
favicon: Favicon hash
It's important to note that the hash is phash.
Here also a quick script in python that you can use to calculate the phash of a favicon:
from PIL import Image import imagehash # Load the image image_path = 'path_to_image.jpg' # Insert the image path here image = Image.open(image_path) # Calculate the pHash phash = imagehash.phash(image) # Print the pHash print("pHash:", phash)
You can use the hash that you obtain to query for results on urldna database.