> […] I've already toyed with using AI models to analyze browsers' screenshots and determining if it's likely phishing or not and it works very well.

Assuming the AI is comparing screenshots of real versus phishing, it can only figure it out for poorly done phishing websites.

As phishing scams get more sophisticated with scam websites that look exactly like the real ones, the only things that truly matter are protocols (i.e., HTTP versus HTTPS), domains, URL’s, certificates, etc.

Very interesting, I'm working on exactly the same problem from a couple different angles, but I'm not having much luck. I have negligible background in AI/ML or computer vision however, so I'm most certainly Holding it Wrong (TM). My general approach has been trying to generate embeddings using smaller models like MobileNet and ResNet (not trained or finetuned or anything) and using similarity metrics like Cosine distance, but there's too many false positives. If you can disclose it, would you be willing to expand on what has worked for you?