Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1FD4141754298EE3DA813D7649798F839C35EC1FBB582420496EEDF9E21D96C4CC07290 |
|
CONTENT
ssdeep
|
48:RKKO0kG8uJmGaCbmImHqmW3Imxn04K7IF8VGY:JO0E5RCbapV |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
cc3333cccc3333c9 |
|
VISUAL
aHash
|
0000181818180000 |
|
VISUAL
dHash
|
0000103032300800 |
|
VISUAL
wHash
|
0f0f3f3f3c3c3030 |
|
VISUAL
colorHash
|
38000000180 |
|
VISUAL
cropResistant
|
0000103032300800 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Victim enters banking credentials including account numbers and security questions. Attacker gains full access to victim's banking services.
Pages with identical visual appearance (based on perceptual hash)