Detects browser-native phishing attacks like ConsentFix, ClickFix, and Browser-in-the-Browser that bypass traditional security
Detects browser-native phishing attacks like ConsentFix, ClickFix, and Browser-in-the-Browser that bypass traditional security. PhishWatch detects browser-native phishing attacks that bypass email filters -- because these attacks don't activate until after delivery, inside your browser. Modern phishing no longer needs a suspicious-looking domain. Attackers use legitimate cloud infrastructure, AI-written language, and browser mechanics to steal credentials. With 82% of detections now malware-free (CrowdStrike 2026) and ClickFix named the #1 initial access method (Microsoft 2025), the attack surface has moved from your inbox to your browser. PhishWatch operates at this layer -- where the attack must execute to succeed. PhishWatch intercepts outbound navigation events and evaluates browser mechanics -- not whether a page looks suspicious or whether a domain is on a blocklist. Detection is event-driven and activates only when risk indicators are present. Normal browsing on everyday sites proceeds without interruption. When risk is detected, PhishWatch shows an explainable warning with the specific mechanical reason -- not a generic "this site may be dangerous" message. You always have the option to continue anyway. DESIGNED FOR TRANSPARENCY * Manifest V3 with strict permissions model * No use of eval() or dynamic script injection * Deterministic, explainable detections -- no black-box AI classification * Fail-open design: uncertainty always resolves to allowing navigation * All warnings are overridable -- PhishWatch never locks you out PhishWatch complements email filters, endpoint protection, and password managers. It operates at the one layer those tools cannot observe: inside your browser, at the moment you act. Privacy policy: https://phishwatch.io/privacy Website: https://phishwatch.io