The full anatomy of a phishing site,
one URL at a time.
ZeroPhish renders the page, runs twelve detection signals against the DOM, certificate chain, brand fingerprint and threat feeds, and returns a typed verdict. Built for security teams and product engineers.
Phishing detected
| URL | hxxps://brt[.]ktqufu[.]help/track-it | |
| Brand | BRT | |
| Screenshot | https://cdn.zerophish.ai/a1fe36b5-2447-45f7-a41c-2c23dead0408.jpg | |
| Scan ID | 009fec2a-d262-4eab-95b9-64e3e24d7271 |
No detection signals on this scan — it predates the signal pipeline. Re-analyze to capture them.
No brand impersonation signals available.
No technical metadata captured for this scan.
The website presents itself as ‘BRT’, a legitimate logistics company. However, several phishing techniques have been identified:
-
URL mismatch: The URL ‘https://brt.ktqufu.help/track-it’ does not match the legitimate ‘brt.it’ domain associated with BRT.
-
Fake security warning: The text includes a false security warning about not sharing banking details. Such warnings are a common strategy to gain user trust while redirecting them to a malicious link.
-
Request for information update: The text informs the user that the parcel could not be delivered due to incorrect address details, and asks the user to update their data. This is a common phishing tactic to collect personal information.
These elements strongly suggest that the site is a phishing site, not a legitimate BRT page.