- Aug 17, 2014
Cybersecurity firms commonly use headless devices or virtual machines to determine if a website is used for phishing.
Discovered by MalwareHunterTeam, the script checks the visitor's screen's width and height and uses the WebGL API to query the rendering engine used by the browser. [...]
Fabian Wosar, CTO of cybersecurity firm Emsisoft, told BleepingComputer that security software utilize a variety of methods to scan for and detect phishing sites. These include signature matching and visual machine using machine learning.