Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T10BF163A3701C972B1386F2E4FE616EDDB120425ECF9E0F99887C42B7F559CA8CD0654A |
|
CONTENT
ssdeep
|
192:ha+m6YrzMvpUN1hLtOsWhj9oQfJK8f3dOlpHi1TidD:jp41HuN9oLHixidD |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
ff00ff00ff006c69 |
|
VISUAL
aHash
|
f9ff0080800080c0 |
|
VISUAL
dHash
|
910c800000800020 |
|
VISUAL
wHash
|
ffffff808080c0c0 |
|
VISUAL
colorHash
|
38006018000 |
|
VISUAL
cropResistant
|
f7ebc8ccce9e9e9e,910c800000800020 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Uses typical phishing tactics including brand impersonation, urgency tactics, and social engineering to trick victims into providing sensitive information.