# PhishTank
| **PhishTank** | **Quick Overview** |
| ---------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| URL | |
| What it does | Collects and shares information on phishing URLs submitted and verified by the community, lets you verify whether a site is malicious, and contributes to global anti-phishing efforts. |
| How to use it | Search for a URL to see if it’s been reported, or submit a suspicious URL for verification. |
| Cost | Free. |
| Account required | Optional (needed to submit or vote on phishing reports). |
| Cookies | Site security and session management. |
| Ownership | Originally launched in 2006 by [David Ulevitch](https://x.com/davidu) as part of OpenDNS, which Cisco Talos subsequently acquired. |
| Use in Reporting | Useful to confirm malicious sites and track phishing campaigns in threat intelligence or OSINT reports. |
### What does the PhishTank do?
PhishTank aggregates community-verified phishing URLs and makes the data publicly available. It’s a go-to resource for quickly checking whether a suspicious website is known to be malicious.
**The lowdown:** It’s a fast, simple, and reliable threat intelligence tool.
### How to Use:
1. **Go to**[ **https://www.phishtank.com/**](https://www.phishtank.com/) **and enter a URL to check if it’s been reported as phishing.**
**2. You can also submit a suspicious URL for community verification and browse through valid phishes.**
### Cost
* [x] Free
* [ ] Partially Free
* [ ] Paid
## Data Processing
### Account Required:
* [x] Yes
* [x] No
Optional (needed to submit or vote on phishing reports).
### Cookies:
Cookies are mainly used for site security and session management. One comes from Cloudflare to confirm you’re a legitimate user, while others track sessions and help prevent bot or automated access.
### Use in Reporting
PhishTank can be used to:
* Validate phishing reports before alerting users.
* Include verified phishing URLs in threat intelligence feeds.
* Track patterns and trends in phishing campaigns.
* Support cybersecurity awareness and training.
PhishTank is widely integrated into cybersecurity tooling and reporting with many security vendors and community feeds using its data to block or flag phishing URLs and publish their own analyses e.g. anti-phishing reports.
| **Capabilities** | **Limitations** |
| ------------------------------------------------------- | --------------------------------------------------------------------- |
| Public, free phishing database. | Relies on community submissions so may miss new or targeted phishing. |
| Community verification system. | Verification may take time. |
| API access for automated checking. | Limited metadata beyond URL and status. |
| Historical data of reported phishing campaigns. | No deep analysis of phishing infrastructure. |
| Lightweight and easy to integrate into OSINT workflows. |
|
### Summary
PhishTank is a free, community-powered anti-phishing tool that helps OSINT practitioners, security teams, and researchers quickly verify phishing URLs and track campaigns. It’s most useful in the collection and analysis stages of the OSINT workflow and is primarily a source for confirming malicious URLS rather than discovering broader infrastructure.
### Ownership
PhishTank was originally launched in 2006 by [David Ulevitch](https://x.com/davidu) as part of OpenDNS, which [Cisco Talos ](https://www.reddit.com/user/CiscoTalos/)subsequently acquired.
### Ethical Considerations
* Never click or interact with unverified phishing links.
* Use data responsibly for research, reporting, or defensive purposes.
* Avoid sharing sensitive user information when reporting phishing.
### Related Tools:
* VirusTotal
* URLhaus
* OpenPhish
#### Sources
