Phishing Watch Frequently Asked Questions

Q: What data does the Phishing Watch snippet capture?

When you add a snippet to your website, it recognizes that it is in the official website domain and it will not do anything. When it runs in other environments, with different domains, or unknown redirects to your official website, the snippet will enable the domain report flow and report the following information:

  • Full URL including domain, path, and query.
  • Organization’s IP address.

Q: Does the Phishing Watch affect my website’s performance?

The snippet was designed with performance at its core. As such, it performs minimal actions that may have negligible performance impact on the website on which it runs.

The snippet is loaded after the website finishes loading, therefore does not impact user experience. Performance tests are conducted periodically to check loading times to ensure that it remains unnoticed by end users.

Q: Is the Phishing Watch stable?

We ensure that each of the very few actions the snippet performs is guarded against crashes by catching all possible exceptions and handling them quietly, all without negatively affecting end users.

Q: Do I need to install anything on my company servers?

No, the snippet is completely standalone. All that is required is to embed it into the website’s HTML.

Q: If my website changes, do I need to do anything?

As long as you keep the Phishing Watch snippet right before the body closing tag (“</body>”), no additional changes are required.

Q: Does the Phishing Watch introduce any security risks?

No, the installation does not require you to open any ports or expose your services or users in any way.

Q: Is any user or organization’s private information exposed?

No, the snippet does not monitor, save, or report any user or organization information. Only the IP address of the user accessing the webpage is sent back to Threat Command servers.

Q: Is the Phishing Watch scalable?

Yes.  Google infrastructure is used to maintain the most scalable architecture possible. No amount of requests will crash the Phishing Watch or affect end users in any way.

Q: What is the Phishing Watch fingerprint on my website?

  1. A <link> tag that is added to the body of the HTML and does not show visually (the tag is removed immediately after it was added).
  2. A DNS request is sent, which is not visible in the browser’s network tab.