Description: The Cloned Website token is placed within the JavaScript of your websites and notifies you if someone clones your site and hosts it on another domain. (This is often used for targeted Phishing attacks.)
Follow the steps below to create a Cloned Website Canarytoken:
Step 1:
Log in to your Console.
Step 2:
Select the Canarytokens tile.
Step 3:
Select the Cloned Website token from the list.
Step 4:
Enter the website domain under Cloned Web.
Note: we used "inyoni-corp.com" as the domain
Step 5:
Copy the JS into a file on your target server.
Note: you can encode the file to obfuscate it by toggling on the Obfuscate Script switch.
Alert:
An alert is only triggered if the page is ever loaded on another server that doesn't match the domain specified.
Note: the original domain "inyoni-corp.com" was loaded on "inyonii-corp.com"
You're done! ;-)