Phishing Analysis
Detailed analysis of captured phishing page
Visual Capture
Detection Info
http://vantagepointbooks.com/
Detected Brand
Microsoft Office 365
Country
International
Confidence
100%
HTTP Status
200
Report ID
96f64633-aa4âŚ
Analyzed
2026-02-04 11:53
Content Hashes (HTML Similarity)
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T152D1083030286C6B91A7C2B2B37ADB422055C514C3171626DDF48B9E3AF6E39CCB53AD |
|
CONTENT
ssdeep
|
96:n5hurqb1dQRWeSkUkIrvS5NUSXIXpJY7l48S6c1PWZUQWyysXUNGQUMljTp:57WWCUkIraNUSXIXpJOqll1Pc1Waub5 |
Visual Hashes (Screenshot Similarity)
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
ca3d91663699b466 |
|
VISUAL
aHash
|
7c787c7c7c78787c |
|
VISUAL
dHash
|
d9f9e9e9e9c9c9d9 |
|
VISUAL
wHash
|
7878787878787878 |
|
VISUAL
colorHash
|
07000000180 |
|
VISUAL
cropResistant
|
d9f9e9e9e9c9c9d9 |
Code Analysis
Risk Score
73/100
Threat Level
ALTO
â ď¸ Phishing Confirmed
đŁ Credential Harvester
đŁ OTP Stealer
đŁ Banking
đŁ Personal Info
đŹ Threat Analysis Report
⢠Threat: Phishing
⢠Target: Microsoft Office 365 users
⢠Method: Impersonation and credential harvesting
⢠Exfil: Email address
⢠Indicators: Domain mismatch, form requesting email, impersonation
⢠Risk: HIGH
đ Obfuscation Detected
- fromCharCode
đ Risk Score Breakdown
Total Risk Score
90/100
Contributing Factors
Domain mismatch and impersonation
The domain is not related to Microsoft and is displaying a Microsoft Office 365 login prompt. A clear indication of phishing
Forms requesting sensitive information
The page has a form requesting an email address to proceed.
Obfuscation
Presence of obfuscation suggests an attempt to hide malicious code from detection.
đŹ Comprehensive Threat Analysis
Threat Type
Banking Credential Harvester
Target
Microsoft Office 365 users (International)
Attack Method
Brand impersonation + credential harvesting forms + obfuscated JavaScript
Exfiltration Channel
Form submission (backend endpoint not detected - likely JavaScript-based)
Risk Assessment
HIGH - Automated credential harvesting with Form submission (backend endpoint not detected - likely JavaScript-based)
â ď¸ Indicators of Compromise
- Kit types: Credential Harvester, OTP Stealer, Banking, Personal Info
- 6 obfuscation techniques
đ˘ Brand Impersonation Analysis
Impersonated Brand
Microsoft Office 365
Official Website
https://www.microsoft.com/en-us/microsoft-365
Fake Service
Login Portal
âď¸ Attack Methodology
Primary Method: Credential Harvesting (Phishing)
The attacker is attempting to steal user credentials (email) by impersonating Microsoft Office 365. Users are tricked into entering their login information, which is then sent to the attacker. The use of a legitimate-looking prompt increases the chances of success.
Secondary Method: Malware distribution (potential)
The 'Next' button could redirect to a malware payload, although it is not verifiable from the available information.
đ Infrastructure Indicators of Compromise
Domain Information
Domain
vantagepointbooks.com
Registered
Unknown
Registrar
Unknown
Status
Active
đŹ JavaScript Deep Analysis
Operator Language
English (1%)
Sophistication Level
Basic
Total Code Size
282.5Â KB
đ Obfuscation Detected
- : Light
- : None
đ¤ AI-Extracted Threat Intelligence
Similar Websites
Pages with identical visual appearance (based on perceptual hash)
"I Never Thought It Would Happen to Me"
That's what 2.3 million victims say every year. Don't wait to become a statistic.