For the protection of your official websites, we offer an essential tool for detecting fake pages created by fraudsters. OnePixel is a protection system that streamlines the detection of the majority of attacks of this kind, provided to everyone who has Phishing monitoring on the Axur Platform. It serves as an important complement to the monitoring process.

How does OnePixel work?

This mechanism is integrated with your official webpage and enables the real-time identification of fake pages. It consists of a script, invisible from the user's perspective and performance, added to the source code of your website.

Important! This script needs to be implemented by your company on the website you wish to monitor.

This script uses the referer field of the HTTP header to identify the source of the connections to your website.

To understand OnePixel, it is necessary to understand what happens when we click on a link. Check below.

When you access a link on a page, a request is made to the destination server of that link. This request contains a field called referer, which informs the source location of this request, i.e., the link you were on before being redirected to this destination. OnePixel identifies the links from which the user was redirected to your website, as many phishing attempts redirect the user to the legitimate site after collecting the desired information.

Furthermore, when a fraudster creates a copy of your official webpage (stealing the HTML), they will also carry the OnePixel code to the fake page. This allows for the identification of fake pages even before the attack is disclosed.

How to configure OnePixel on my website?

1. First, go to Settings > Integrations > OnePixel.

Unique and unchangeable script dedicated per client with no usage limit:

Implement this script in the HTML source code of a web page. It is recommended to implement it in the headers</head> or in the body of the site before the </body> tag. Implement it on all possible sites regularly accessed by end consumers.

2. Install with HTML: Access the source code of the desired page and install the script right after the </head> tag. Once installed, verify the site in an anonymous window and F12 to check if the script is installed or on the platform itself.

3. Install with Google Tag Manager: Access the platform in the Workspace > Tags > New > Tag configuration tab, then search for Custom HTML and paste the previously copied script. Finally, choose the All Pages option in the Triggering section and save the settings.

It can also be included in an external JavaScript file called your page. This code can be included in all HTML files of the site, but we advise keeping it mainly on the home, login, or sensitive data entry pages.

How can I verify if OnePixel has been successfully implemented?

Option 1: Confirm directly in the OnePixel monitoring configuration on the platform, as shown in the image, if it is receiving signals from the installed links.

Option 2: You can search for the code in the HTML using “x-in=” or search for “s3-sa-east-1.amazonaws.com” in the network console.

Option 3: If you haven't found it yet and the Axur platform is showing that OnePixel is installed, try using Google Tag Manager.

Limitations:

Due to the referrer policy, sometimes we may not obtain a complete URL from OnePixel. Basically, the website is not required to send a complete URL, depending on the web browser used by the end consumer or the referrer policy adopted by the web page.
The implementation does not prevent code theft or the fraudster from detecting and removing the code.
If a fraudulent page redirects to one of your pages, where the OnePixel is set up, but that page is only accessible through a VPN because it is private, we won't be able to collect signals. The page must be publicly accessible for accesses to occur and signals to be gathered.

Attention! The Axur platform now displays a list of the most recently monitored pages (up to 100 URLs), showing the most recent accesses first. Pages are consolidated by URL, meaning that if a page receives multiple accesses, only one entry with the latest record will be displayed. In addition, pages included in the Safelist are also shown in this list for verification purposes only, and no tickets will be generated for them.

Please note that the platform displays pages containing the OnePixel script that we have received within the last 7 days. Therefore, if the script is removed today, it may still appear on the platform for up to 7 days after the last access. However, if the last access occurred more than 7 days ago, the page will not be displayed, even if the script is still present.

Q&A

How can I verify if a phishing attempt can be detected by the OnePixel technology?

Access the active phishing attempt, browse as a potential victim from an anonymous window (Ctrl+Shift+N), click on some menus on the website, or fill out forms with false information. Finally, check if during any of the interactions you end up on your official website. If it is possible to end up on the official website, the phishing attempt can be detected by OnePixel.

Will it track data of users who access our website?

No tracking of users who access the sites is done.

Could malicious content be loaded onto the website through Onepixel?

No, through Onepixel it's not possible to transmit malicious content nor does it provide automation to edit sites with the implemented technology.

Does Onepixel affect the performance of the site?

Onepixel does not affect the performance of the sites where it's installed in any way.

Are there any legal/privacy requirements that need to be checked regarding tracking legitimate users?

No tracking of users who access the sites is done.

How many webpages can I implement Onepixel on?

As many as necessary, there is no limit to how many pages we can add Onepixel to. We strongly recommend implementing it on the main domains of the brand, in the header.

Why is it important to implement Onepixel exactly as it was provided?

Sometimes clients may implement the technology, altering its format for better readability, a practice known as indentation. The problem with this modification is that it breaks one of the main advantages of Onepixel, which is to remain hidden, as it brings the code into evidence. For an example of "misuse," see the example below.