ClickArmor

ClickArmor is designed to detect and prevent social engineering attacks in browser 100% locally.

ClickArmor protects you from social engineering and phishing attacks in real time. ClickFix Protection ClickArmor monitors clipboard activity and analyzes page behavior locally in your browser, catching attacks at multiple stages, from the fake lure to the malicious payload reaching your clipboard. When a threat is detected, ClickArmor can clear the clipboard and display a detailed warning. Detects: Fake CAPTCHA and “human verification” pages that instruct you to run commands Fake browser update screens with simulated download progress Obfuscated script loaders that fetch payloads from remote infrastructure Clipboard hijacking via writeText, execCommand, and DataTransfer APIs Hidden command payloads embedded in page elements Multi-stage attacks that replace the page with document.write() Homoglyph and Unicode evasion techniques, including Cyrillic lookalikes and zero-width characters Credential Phishing Protection: ClickArmor scans pages for credential harvesting and brand impersonation on domains that do not belong to the brand being shown. If you land on a fake Microsoft, Google, PayPal, Adobe, or banking login page, ClickArmor can display a full-screen warning identifying the impersonated brand and the legitimate domain you should expect. It also detects brand impersonation hosted on abused platforms such as Google Sites, Google Forms, and SharePoint, as well as AiTM-style login relay pages. How it works: Page-level scanning identifies social engineering signals, brand impersonation, and AiTM indicators Clipboard hooks intercept suspicious write attempts before payloads reach your clipboard Form analysis detects credential harvesting on unofficial domains High-confidence threats trigger a warning banner or blocking overlay You decide whether to leave the site, whitelist it, or continue at your own risk Privacy first All detection runs 100% on-device. No telemetry. No cloud lookups for browsing activity. No data collection. Your browsing stays in your browser. Validation: ClickArmor has been tested against: 56,000+ real-world phishing URLs from PhishTank 5,000+ ClickFix-related domains from ThreatFox