
Phishing attacks have grown increasingly sophisticated, leaving traditional detection methods struggling to keep pace. Today, seven out of ten malicious domains don't even mention the targeted brand name, making it incredibly challenging to detect threats using conventional monitoring techniques.
At Axur, we’ve revolutionized our approach, leveraging advanced technology to overcome these obstacles and dramatically improve phishing detection.
The Old Way: Security Teams' Persistent Challenges
Historically, security teams faced two major hurdles in detecting malicious URLs and domains:
-
Complex and Resource-Intensive Detection: Traditional collectors required meticulous, client-specific configurations to detect relevant URLs. This process was cumbersome, slow, and costly due to the massive volume of URLs captured daily.
-
Limited and Redundant Analysis in Brand Protection solutions: URLs were directly linked to specific assets or brands, restricting analysis and resulting in missed detections. For example, if a phishing attack targeting one brand was mistakenly captured by another brand’s collector, the attack could slip through unnoticed. Conversely, redundant detections occurred frequently, unnecessarily driving up costs.
Clearly, security teams needed a smarter, faster, and more efficient detection solution.
The New Way: Streamlined Detection with Signal Lake
To address these challenges head-on, Axur developed Signal Lake, an innovative and efficient infrastructure for URL processing. Signal Lake operates like a powerful data funnel, gathering, organizing, and analyzing 40 millions of URLs daily with unprecedented precision. This new approach significantly reduces complexity, boosts efficiency, and enhances our ability to detect genuine threats.
Capturing the Uncapturable: Meet the Site Scanner
Fraudsters often block access to malicious sites through sophisticated methods:
-
User-Agent Blocking: Restricting site access exclusively to mobile devices.
-
IP Blocking: Blocking known cybersecurity proxies.
-
Geolocation Restrictions: Allowing site access only from specific regions.
-
Browser Fingerprinting: Using unique browser attributes to limit access.
The new way—our innovative Site Scanner—is designed to bypass these defenses by:
-
Customizing user-agent configurations to mimic mobile or desktop access.
-
Rotating through a wide range of proxies to evade IP blocks.
-
Selecting geographically appropriate proxies to bypass location-based restrictions.
-
Emulating detailed browser fingerprints to replicate authentic user devices accurately.
Leveraging AWS infrastructure and browser automation, the Site Scanner reliably captures essential evidence like HTML and screenshots from heavily protected malicious sites.
Smarter Analysis with Clair: AI That Thinks Like an Expert
The cornerstone of this new approach is Clair, Axur’s proprietary generative AI model. Clair analyzes each URL independently, eliminating reliance on manual asset configurations. It autonomously identifies brands and fraudulent characteristics—even when fraudsters deliberately omit brand names or keywords.
Clair’s intelligent analysis includes:
-
Brand Detection: Automatically identifies targeted brands, even if they're not preconfigured on our platform.
-
Personification Scoring: Compares fraudulent sites directly to official brand sites, measuring imitation accuracy.
-
Comprehensive Attribute Extraction: Consolidates multiple attribute detections (language, password requests, payment data collection, etc.) into one streamlined model, reducing complexity and enhancing scalability.
This advanced methodology drastically improves detection rates, minimizes false positives, and simplifies system maintenance, providing security teams with precise and actionable insights.
Real Results and Stronger Security
By embracing this new way:
-
Each URL is inspected only once, significantly reducing redundancy.
-
We've nearly eliminated missed detections by decoupling URLs from brand-specific collectors.
-
Our system accurately identifies threats without requiring exhaustive manual keyword updates or language-specific expertise.
Axur: Leading the Change in Phishing Detection
Fraudsters will always evolve, but with Axur’s Threat Hunting solution for Phishing & Domain Intelligence, security teams now have the tools they need to stay ahead. At Axur, we’re proud to have pioneered this innovative approach—transforming how security teams detect and mitigate phishing threats.
Watch the video to learn more about advanced phishing and domain detection techniques.
Connect with us to strengthen your digital security strategy and proactively protect your brand from emerging threats.

Experts in creating relevant external cybersecurity content to make the internet a safer place.