Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T103F1022662447E3F649703E4D715B3B722E59281EA0A122549FDC37C0BD6D8DED33590 |
|
CONTENT
ssdeep
|
96:TJhfv1KrLlegrbl9TlBQ9hSBGy0GkdKPGFjGqil6GlFG+GtCaGRxYH/2x/i4QKA7:P31ebjzZgyBk10z9Szt+R02xHQKA7 |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
f322669999cccccc |
|
VISUAL
aHash
|
e7e7e7efefe7e7ff |
|
VISUAL
dHash
|
4d4d4d5a5a5c4d32 |
|
VISUAL
wHash
|
e6e4e4e8e8e8e0d8 |
|
VISUAL
colorHash
|
07000000038 |
|
VISUAL
cropResistant
|
4d4d4d5a5a5c4d32,cc8a1bcb6b6b6a8c,631ceaaaa86a2c84 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Uses typical phishing tactics including brand impersonation, urgency tactics, and social engineering to trick victims into providing sensitive information.
Pages with identical visual appearance (based on perceptual hash)