Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T10242B791F645323381D301EEB9326F89E7708206EB612D1CA4FE829C67D7CA5D637963 |
|
CONTENT
ssdeep
|
192:oAVsv3vgfhgz/l2wt7Um4i1q94U9Jn0nYcpnw2KDHOV3nCpoeVn:oksv/gfmzd22YHyC4Kn0zwdDutnCaAn |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
c9e363c9cbc96261 |
|
VISUAL
aHash
|
ff00003c18181800 |
|
VISUAL
dHash
|
c8f0e8f0f0f0b2e8 |
|
VISUAL
wHash
|
ff3c3c3c3c3c1818 |
|
VISUAL
colorHash
|
33001000180 |
|
VISUAL
cropResistant
|
c8f0e8f0f0f0b2e8 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Victim is prompted for 2FA code after entering credentials. The code is intercepted and used by attacker to access victim's account in real-time.