What is a Canary Token?

Canary Tokens are a free, open-source tool that helps you discover when bad actors access your data. They can be used to detect unauthorized access to your website, documents, or other sensitive information.

You can read more on the Canary Tokens website.

Cloned Website Tokens

Cloned Website Tokens are a type of Canary Token that can be used to detect when your website is cloned. They work by embedding a unique token into your website that is invisible to your users. When a bad actor clones your website, they will also clone the token. When the token is accessed, you will be notified and ChainPatrol will proceed to block and takedown the malicious cloned site.

You can read more about Cloned Website Tokens on the Canary Tokens website.

Setup Instructions

1

Create a new Canary Token

Go to the Canary Tokens Nest and select the JS cloned website from the list.

Fill the fields with the information below:

FieldValue
Domain of protected website<YOUR DOMAIN>
Mail me here when the alert fires<YOUR EMAIL>
Remind me of this when the alert firesAny note you’d like (ex. Token for <YOUR DOMAIN>)

Next, click Add Webhook Notification, and fill in the following information:

FieldValue
Notify me here when the alert fireshttps://app.chainpatrol.io/api/v2/canary/webhook

It should look something like this when you are done:

Click Create Canarytoken.

2

Navigate to Manage Token

After the token is created, you will see the modal with the token information.

Click Manage Canarytoken to navigate to the token’s page.

3

Save the URL and send it to ChainPatrol

You should save this current page’s URL for future reference. This is a uniquely generated URL containing the token that you can come back to see the history of the your Canary Token.

Example: https://canarytokens.org/nest/manage/<NEST_ID>/<TOKEN_ID>

In order for ChainPatrol to automatically detect cloned websites, send this URL to ChainPatrol via a secure channel. We will connect your token to your organization’s account.

4

Add the generated JavaScript snippet to your website

Finally, to complete the setup of the Canary Token, you need to add the generated JavaScript snippet to the domain that you indicated earlier.

  1. Toggle ON the “Obfuscate this script” option and copy the generated code.
  2. Paste the code into your website’s HTML code, preferably in the <head> tag on the homepage.

Note: We recommend turning OFF Email Alerts, since they may include localhost URLs and other false positives. We will handle the alerts via webhook.

What happens when a cloned website is detected?

When your website is cloned, we will create a new report in your ChainPatrol dashboard. ChainPatrol will proceed to block and takedown the malicious cloned site.