diff --git a/indicators/ETC-funccode.yml b/indicators/ETC-funccode.yml
new file mode 100644
index 00000000..32697313
--- /dev/null
+++ b/indicators/ETC-funccode.yml
@@ -0,0 +1,20 @@
+title: ETC_PhishingDetection
+description: |
+    Detects an ETC phishing targeting Japanese users.(etc-meisai.jp)
+
+references:
+    - https://urlscan.io/result/e623c655-a8f4-470d-9e83-be7bd8c201c6
+    - https://urlscan.io/result/e33beca0-d6d7-4bfd-8a57-3818d079d504
+    - https://urlscan.io/result/516e7e00-2ddb-4036-b44c-33456e3e195a
+
+detection:
+    ETCTitle:
+        title: 'ＥＴＣ利用照会サービス'
+    pagePHP:
+        requests|contains: 'funccode.php'
+
+    condition: ETCTitle and pagePHP
+
+tags:
+  - target.etc-meisai
+  - target_country.japan