Automating Phishing Site Reporting and Takedowns with AWS Lambda + Bedrock

Introduction "Your account has been suspended." "Please update your payment information." — Phishing SMS and emails like these have become a daily occurrence in Japan. As a security engineer, I used to manually report every phishing site I came across, but the workload per report was simply too much to keep up with: Look up the domain's IP address Identify the hosting provider via WHOIS Find the abuse contact email address Write a report email in English Take a screenshot and attach it Send it, then check whether the site was taken down 15 to 30 minutes per report. Doing this for multiple sites every day just isn't realistic. So I built a system on AWS that automates all of the above with a single URL submission. In this article, I'll share the architecture and the lessons learned during development. System Overview curl -X POST https://xxx.execute-api.us-east-1.amazonaws.com/prod/report-auto \ -d '{"url": "https://phishing-site.example.com"}' This single curl command triggers the foll