SEAL Org has rolled out Verifiable Phishing Reporter, a submission tool that lets white-hat researchers capture what victims actually see on a phishing page, then prove it. The system hinges on a cryptographic trick SEAL calls TLS attestations, producing tamper-evident transcripts so third parties can’t fake server responses. Cleaner evidence, faster takedowns.
New obfuscation methods
Phishing isn’t just a sloppy email with a bad logo anymore. Attackers increasingly cloak pages, serving harmless content to scanners while showing victims the real trap, often gated behind CAPTCHA or tailored by IP, user-agent or geolocation. Academic work in the last 18 months documents the shift, including methods to pierce CAPTCHA-cloaked lures.
And the macro picture is getting worse. The UK’s NCSC reports a 50% year-on-year jump in “highly significant” cyber incidents in the 12 months to August 2025, with nationally significant attacks now landing every other day. In parallel, UK government survey data estimates 8.58 million cyber crimes against businesses in the past year. In the US, the FTC flags a sharp rise in impersonation scams, with older adults repeatedly losing five- and six-figure sums and $470m reported lost to text-message scams alone in 2024.
How the tool works
TLS, by design, doesn’t give you a neat, portable “this is exactly what the server showed me” record. SEAL’s approach layers TLS attestations on top to bind session content to the connection, creating a verifiable transcript that downstream reviewers can trust. That solves a long-standing evidentiary gap for phishing takedowns and intel sharing, and aligns with ongoing standards discussions around adding attestation-style capabilities to (D)TLS without weakening privacy.
What SEAL does
SEAL Org (backed by names like a16z crypto, the Ethereum Foundation, Paradigm and others) already runs SEAL-911 and an ISAC for crypto, routing victims and intel to specialist responders. Verifiable Phishing Reporter plugs into that pipeline: researchers submit an attested session; SEAL verifies authenticity and malicious content; partners can move faster on blocks, warnings and takedowns.
The bottom line for crypto teams
- Evidence that sticks – Attestations reduce “he-said, she-said” friction with hosts, registrars and law enforcement.
- Cloak-aware detection – Captures the victim view even when scanners see a decoy.
- Operational lift – Pairs with ISAC workflows to shrink response times while the broader threat picture worsens.
For practical user guidance on spotting and reporting phishing, the NCSC maintain up-to-date playbooks and data spotlights, useful references for comms teams and customer-facing warnings. To send SEAL a 911 message, use the link below.
Disclosure: This article is informational and not financial advice.
