OpenPhish is a fully automated self-contained platform for phishing intelligence. It identifies phishing sites and performs intelligence analysis in real time without human intervention and without using any external resources, such as blacklists.
OpenPhish receives millions of unfiltered URLs from a variety of sources on its global partner network. The phishing detection engine of OpenPhish singles out live phishing URLs and extracts their metadata, which includes targeted brands (when applicable), network and geographical locations, phishing kits and drop accounts.
OpenPhish reports only new and live phishing URLs. We keep track of the detected phishing URLs and do not report any URL more than once within any given 14-day period. We do not report any dead phishing URLs as they do not pose any threat.
If you are interested in sharing URLs (phishing or not) with us, please contact us at email@example.com.
The short answer - you can't. OpenPhish neither maintains its own blacklist nor can remove your website from third party blacklists. OpenPhish only provides a feed of exact live phishing URLs and never flags the entire website/domain as malicious. If you have questions about a specific URL related to your website, please email us at firstname.lastname@example.org.
First, please refer to the False Positive Feed to check if we are already aware of the false positive. If the URL is not in the feed and you believe that we incorrectly identified a phishing URL, please let us know at email@example.com.
PhishBreach Database is a free service that allows any organization to check if it has email accounts that were potentially compromised as a result of a phishing attack. The PhishBreach Database is based off IntellAct, OpenPhish's proprietary phishing campaign tracking technology. IntellAct consumes the phishing campaigns detected by OpenPhish, analyzes them in real-time and produces a live feed of accounts that were affected by those campaigns.Affected parties may request one free detailed report about the potential breach.
The PhishBreach Database is updated every 6 hours. The IntellAct feeds are updated every 5 minutes.
For each potentially compromised account, OpenPhish stores the full email address and the corresponding phishing attack data, which includes the phishing URL, targeted brand and the discovery time stamp. OpenPhish does not store any other information.
The information IntellAct captures from the phishing campaigns is accurate and supported by sufficient evidences. However, OpenPhish makes no attempt to establish the legitimacy of the captured data beyond reasonable doubt. It is the domain owner's responsibility to investigate further and take necessary actions.
It means that at least one account on your domain was potentially compromised as a result of a phishing attack. OpenPhish makes no attempt to establish the legitimacy of the account(s) nor does it assess the severity of the impact.
Each organization is eligible for one free report that contains the following information: