Live Threat Surface

ClickGrab Threat Intelligence, rebuilt for speed and clarity

Daily telemetry from ClickFix and FakeCAPTCHA campaigns, correlated into one view so teams can spot the chain: social lure, clipboard abuse, and execution behavior.

Pressure Trend Threat pressure is climbing versus yesterday.
URLs Analyzed 92
Threats Detected 52
Detection Rate 56.5%
Indicators / Threat 149.4
Pressure Score 100/100

Correlation Snapshot

How attacker behavior clusters inside suspicious pages from the latest run.

Lure -> Execution Correlation

16 sites (30.8%)

Suspicious sites that combine social lures and execution indicators.

Clipboard -> Execution Correlation

16 sites (30.8%)

Sites where clipboard abuse appears alongside command execution behavior.

Redirect -> Obfuscation Correlation

10 sites (19.2%)

Sites blending redirect staging with encoded or obfuscated script content.

Full Chain (Lure + Clipboard + Execution)

16 sites (30.8%)

Potential end-to-end social engineering chains in a single page sample.

Indicator Signal Mix

Top extracted signals ranked by volume and normalized per suspicious site.

Suspicious Keywords

763 total | 14.7/site

IP Indicators

261 total | 5.0/site

Clipboard Activity

241 total | 4.6/site

CAPTCHA Bait Elements

125 total | 2.4/site

Fake Cloudflare Lures

80 total | 1.5/site

Redirect Activity

69 total | 1.3/site

Recent Threat Activity

Detection pressure over the latest report windows.

February 19, 2026
52 threats 56.5% hit rate
February 14, 2026
48 threats 57.8% hit rate
February 13, 2026
40 threats 54.1% hit rate
February 12, 2026
48 threats 55.8% hit rate
February 11, 2026
43 threats 53.1% hit rate
February 19, 2026

Daily Threat Report

52 Threats
92 Sites
56.5% Detection
Open Report →
February 14, 2026

Daily Threat Report

48 Threats
83 Sites
57.8% Detection
Open Report →
February 13, 2026

Daily Threat Report

40 Threats
74 Sites
54.1% Detection
Open Report →
February 12, 2026

Daily Threat Report

48 Threats
86 Sites
55.8% Detection
Open Report →

What ClickGrab Correlates

The engine links lure behavior, execution tradecraft, and infrastructure movement in one workflow.

PowerShell + Clipboard Chain

Highlights runbook-style attack flow when copied commands connect directly to execution artifacts.

Fake CAPTCHA and Lure Tracking

Flags fake verification patterns, social prompts, and lure themes that map to active campaigns.

Redirect Infrastructure Mapping

Captures redirect chains and handoff points to expose staging and command delivery paths.

Obfuscation Pressure Scoring

Measures base64 and script concealment density to prioritize pages that demand deeper triage.

IOC Extraction at Scale

Surfaces URLs, IPs, command strings, and keywords in structured output for analyst workflows.

Daily Trend Visibility

Shows detection-rate movement so teams can spot campaign acceleration before it peaks.

See the chain, not just isolated indicators

ClickGrab now emphasizes the relationship between lures, clipboard abuse, and execution behavior so defenders can triage faster and act with context.