The full anatomy of a phishing site,
one URL at a time.
ZeroPhish renders the page, runs twelve detection signals against the DOM, certificate chain, brand fingerprint and threat feeds, and returns a typed verdict. Built for security teams and product engineers.
Phishing detected
| URL | HTTPS://MEGA-CAPITALS[.]ORG | |
| Brand | BORNO STATE INTERNAL REVENUE SERVICE | |
| Screenshot | https://cdn.zerophish.ai/12ce9619-1304-4034-a746-4a84fbf551d0.jpg | |
| Scan ID | 1c41ea4f-6e0e-4b58-aa0c-d0ee8d93823a |
No detection signals on this scan — it predates the signal pipeline. Re-analyze to capture them.
No brand impersonation signals available.
No technical metadata captured for this scan.
The HTML code is designed to look like a legitimate government revenue service site (Borno State), with mentions of tax payment, vehicle document renewal, contact details for Inquiry, and other such services that a government revenue site would provide. However, the URL in the HTML points to birs.bo.gov.ng, which means the original site, mega-capitals.org, is giving out false links to a different site that it is trying to mimic. This is a clear sign of phishing. The brand being targeted in this phishing attack is the Borno State Internal Revenue Service. The domain mega-capitals.org does not seem to be associated with the Borno State government