Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1CC129627A1843132064381D3B96383E6B3BDC00DA7650B51A5FEC35D5BCA46ECF6B399 |
|
CONTENT
ssdeep
|
192:91hDyOgPm6v7A+o9zg574RRDl/xpGm1m+QIr4fRodwwQfPkdz:91AOgPtD/6JDEJiAPkdz |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
c734c7343496e792 |
|
VISUAL
aHash
|
36383c0000383c3c |
|
VISUAL
dHash
|
c4d0e16044484949 |
|
VISUAL
wHash
|
763c3c103c3c7c7c |
|
VISUAL
colorHash
|
38006000080 |
|
VISUAL
cropResistant
|
c4d0e16044484949 |
Victim is prompted for 2FA code after entering credentials. The code is intercepted and used by attacker to access victim's account in real-time.
Victim enters banking credentials including account numbers and security questions. Attacker gains full access to victim's banking services.
Pages with identical visual appearance (based on perceptual hash)