Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1AD12297174122A1783CFC9FE92305A035369DA46E787CA15FDF88B8D09DB86DEE21079 |
|
CONTENT
ssdeep
|
96:CFASX9Fgwk067H66ttF166APyO/71cmd9Kea3+hvb5aOzD9PCKD4wIFXavRSo9KT:sjHMltrq/72ehvb5aObSXGs7gWcF5wjj |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
989cdd33774c089d |
|
VISUAL
aHash
|
ffff3e1800000000 |
|
VISUAL
dHash
|
f0f0b0f0f8f9dab2 |
|
VISUAL
wHash
|
ffffff3c080c0800 |
|
VISUAL
colorHash
|
1bc00010000 |
|
VISUAL
cropResistant
|
e0e0e0c0e0e0c0c4,f0f0b0f0f8f9dab2 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Uses typical phishing tactics including brand impersonation, urgency tactics, and social engineering to trick victims into providing sensitive information.