Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1D241B62CD1912407423762A479A39759618B8B4CCB230D0466BDD9ED7BD6D1CC9048BE |
|
CONTENT
ssdeep
|
48:T7mNPX/al5CqN9RUP1JK89J2T6a+6lvnlYa2c/R1S:TiSl5rOtJqlvIT |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
a20088d97737f6dc |
|
VISUAL
aHash
|
00182700ffffffff |
|
VISUAL
dHash
|
c8f0cccca8000000 |
|
VISUAL
wHash
|
000c0000e7ffffff |
|
VISUAL
colorHash
|
07000030000 |
|
VISUAL
cropResistant
|
c8f0cccca8000000 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Uses typical phishing tactics including brand impersonation, urgency tactics, and social engineering to trick victims into providing sensitive information.
Pages with identical visual appearance (based on perceptual hash)