Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T18D917830D442AA3700D6C2E5EB35A79FB7E48690DA436B0917F4C3988ECAD9FEC65524 |
|
CONTENT
ssdeep
|
96:TVQNhoF7DNUAJkMw7FvGQtDH9P+OqG5L/mw+Gu49mMy:aXoI3/5L/mw+Gu4YMy |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
8e19194ed4d94e4f |
|
VISUAL
aHash
|
000301ffb430ffff |
|
VISUAL
dHash
|
72dbdd9464656585 |
|
VISUAL
wHash
|
000301ff30b0ffff |
|
VISUAL
colorHash
|
07207000000 |
|
VISUAL
cropResistant
|
8282e2eaeae28282,dbdf9bc46565a585,62db1adbdbef9dde,d9e6766663697926,4c9736666d595932,adccd9b3b7b7beb6,616c6c5e1e7e7e7c,1d06028602029a9a |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Victim enters banking credentials including account numbers and security questions. Attacker gains full access to victim's banking services.