Scan a URL for Phishing Threats in PHP

1 min readMar 15, 2021

Social engineering is generally defined as the psychological manipulation of people into performing certain actions or disclosing sensitive information. These techniques can range from fraudulent phone calls to the impersonation of employees, but the technique we will be addressing here is one of the most common — phishing. Since phishing attempts frequently take the form of malicious URLs, we have developed an API that will specifically scan a URL for phishing risks.

To start using the API in PHP, we need to install the SDK:

composer require cloudmersive/cloudmersive_validate_api_client

Next we can access the library, instance the API, and call the function:

require_once(__DIR__ . '/vendor/autoload.php');
// Configure API key authorization: Apikey
$config = Swagger\Client\Configuration::getDefaultConfiguration()->setApiKey('Apikey', 'YOUR_API_KEY');
$apiInstance = new Swagger\Client\Api\DomainApi(

new GuzzleHttp\Client(),
$request = new \Swagger\Client\Model\PhishingCheckRequest(); // \Swagger\Client\Model\PhishingCheckRequest | Input URL request
try {
$result = $apiInstance->domainPhishingCheck($request);
} catch (Exception $e) {
echo 'Exception when calling DomainApi->domainPhishingCheck: ', $e->getMessage(), PHP_EOL;

And that’s it! The only inputs you need are your API key and the URL you wish to scan. To retrieve your free API key, visit the Cloudmersive website and gain access to 800 calls/month across our complete library of APIs.




There’s an API for that. Cloudmersive is a leader in Highly Scalable Cloud APIs.