Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1DD14AB319166CDB381D7E2E046359B1F72A6D708E9471382A7E9C39C2FCBD81CD82A57 |
|
CONTENT
ssdeep
|
768:+kz66jg0zU+KCwqyQQrdll50s8K7NhiD6jUlkC7SlXzqYW1IjUkadu1DpYqj6+Bt:+kz6P+sarv25z5Dz6P+sarj25z4 |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
b9c6398e8b38ce32 |
|
VISUAL
aHash
|
ffffffffffc3c3c3 |
|
VISUAL
dHash
|
298e0e2e40169696 |
|
VISUAL
wHash
|
bdc3e7e7c3818181 |
|
VISUAL
colorHash
|
0e038000000 |
|
VISUAL
cropResistant
|
298e0e2e40169696,33472c0e2d0d5d4c |
Victim is prompted for 2FA code after entering credentials. The code is intercepted and used by attacker to access victim's account in real-time.
Victim enters credit/debit card details including CVV and expiration. Card data is captured and can be used for fraudulent transactions or sold on dark web markets.