Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1A25132A0A0ACA5338183D1D277BA2F1972E08556C65A3E04C1FCD2DD5FEFE44DC17595 |
|
CONTENT
ssdeep
|
24:hRF8CcmfztBM6yPHxWLpAudR2ni1M/b1TjMcg6DdNEl6ctfqGTjqg6P4kGopNHyg:T2mbjMdJm12nM20L+azXpwGKqG |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
ce8c3133ceccdc23 |
|
VISUAL
aHash
|
0000383830380000 |
|
VISUAL
dHash
|
0008606460600800 |
|
VISUAL
wHash
|
00003838fcfcf0f0 |
|
VISUAL
colorHash
|
07000000180 |
|
VISUAL
cropResistant
|
0008606460600800 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Uses typical phishing tactics including brand impersonation, urgency tactics, and social engineering to trick victims into providing sensitive information.