Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1FE039571E095EC368163C1D5A774937F33919297CA4B0315A3FA832A9EC7EE1EE2158C |
|
CONTENT
ssdeep
|
384:fmKqmIIoGqJxwPRBWaSXY3QaSVVHxzGbjIJl9RZaXpe+uSUV5jTCrbXy0UNrZM:fmK/IIxPRj8VVHRGvIr9RZaXUSUVbNru |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
93a1ecece493e498 |
|
VISUAL
aHash
|
ff002c0c0c0c0c00 |
|
VISUAL
dHash
|
6bd9d9d9d9d9d9a4 |
|
VISUAL
wHash
|
ff0f3f2c2c7c0c04 |
|
VISUAL
colorHash
|
01007000000 |
|
VISUAL
cropResistant
|
946b6b6b2b6b23fb,9ab8e0802929038e,008168131342a400,f7d9d9d9d9d9b9a4,07606a6864686801 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Uses typical phishing tactics including brand impersonation, urgency tactics, and social engineering to trick victims into providing sensitive information.
Pages with identical visual appearance (based on perceptual hash)