So you want to search for active phishing websites via Google?You could start off with a simple search parameter like – inurl:paypalYou'd get way too many results, and vast majority of them would be legitimate sites.But if you kept scrolling down, you would eventually find this:Hmmm… paypal-account-protection.com? Sounds phishy.Indeed, it's a live phishing site, located in the /eg/ directory of the site.Now, let's have a look at the front page of the site.Who would have guessed? "209 host locked" – the telltale sign of a rock phish site.So, let's refine our original search and now search for – inurl:paypal intitle:209I rest my case.