Skip to main content

Search

How do I create a Cloned Website Canarytoken?

  • Updated

Description: The Cloned Website token is placed within the JavaScript of your websites and notifies you if someone clones your site and hosts it on another domain. (This is often used for targeted Phishing attacks.)

Note: If your site is actually used for phishing attacks, you will be notified for every user who loads the “malicious page" - This is great news, since it will often help with targeted Incident Response. 
 

 Follow the steps below to create a Cloned Website Canarytoken:

Step 1:

Log in to your Console.

Canary_Login_.png

Step 2:

Select the Canarytokens tile. 

Token_Tile.png

Step 3:

Select the Cloned Website token from the list.

Cloned.png

Step 4:

Enter the website domain under Cloned Web.

Note: we used "inyoni-corp.com" as the domain

Cloned_Create.png

Step 5:

Copy the JS into a file on your target server.

Note: you can encode the file to obfuscate it using any obfuscators available online

Copy.png

Alert:

An alert is only triggered if the page is ever loaded on another server that doesn't match the domain specified.

Note: the original domain "inyoni-corp.com" was loaded on "inyonii-corp.com"

Alert.png

You're done! ;-)

 

 

 

 

Was this article helpful?
5 out of 5 found this helpful
Return to top