Disclosed herein are techniques for detecting phishing websites. In one embodiment, a method is disclosed comprising receiving, at a server, a request for a webpage from a client device; generating, by the server, and inserting an encoded tracking value (ETV) into the webpage; inserting, by the server, dynamic tracking code (DTC) into the webpage, the inserting of the DTC further comprising obfuscating the DTC; and returning, by the server, the webpage including the ETV and DTC to the client device, the DTC configured to execute upon receipt at the client device and validate the ETV upon executing.