Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T126F31AB053A0ABE9B14383F4963146F572AA71F9DF13834883F856A5AB5ACCDCC59CC4 |
|
CONTENT
ssdeep
|
1536:tB40BHdV1Nff2ffOhssBhssGozWHkB3xnLOvH4kX+LI7IzhIIvIICDqBCUjj3Via:tBT971BpEX+LI+mqBhjj3VicatC |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
b38618592e72357d |
|
VISUAL
aHash
|
047effef2fcfc400 |
|
VISUAL
dHash
|
dcfc4ccc5a1a981f |
|
VISUAL
wHash
|
047eeef70fcec400 |
|
VISUAL
colorHash
|
0a2000080c0 |
|
VISUAL
cropResistant
|
9cfcac8c8a9b1a98,90f8f8f0630dc59b,3fc5a4a1f8fef060,939999e9f19388c1,ab17aeda36ecd0b0,dcfc4ccc5a1a981f |
Victim is prompted for 2FA code after entering credentials. The code is intercepted and used by attacker to access victim's account in real-time.
Victim enters credit/debit card details including CVV and expiration. Card data is captured and can be used for fraudulent transactions or sold on dark web markets.