Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1D6B1C60FE05137290583026EFB1AC2FDE7314045E62A0F9574F9C35EAAC19E4C67B99E |
|
CONTENT
ssdeep
|
96:TRPXd3Xet3oHesE/ouJH0SGTeSpTbgrvtEK+0btn+5T2C259Etz9HsN2:9Bi7yDTUrFEAbtxbPEII |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
b84b4d4f30b2e6c6 |
|
VISUAL
aHash
|
0000ffefffffffff |
|
VISUAL
dHash
|
32b21c9c341e3030 |
|
VISUAL
wHash
|
0000c787c7c3dfdf |
|
VISUAL
colorHash
|
0e0000001c0 |
|
VISUAL
cropResistant
|
189c9c243c363034,0010103014b2b230 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Uses typical phishing tactics including brand impersonation, urgency tactics, and social engineering to trick victims into providing sensitive information.