Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1F161A9969111A71C804186EA66237AE633CF90DED3857264C0FF437C325FDA8D8E64DE |
|
CONTENT
ssdeep
|
48:TV2zQRiSXaT5W8gVXLWyTPciIVHPXLF9svhCkjupln1vhIE8CmkVpUn0C0:TV2zQ40aTE8QWyT0LfEZCEub5Vps0 |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
c438368e49f2ec9d |
|
VISUAL
aHash
|
0010fefc787c6600 |
|
VISUAL
dHash
|
35f494d0f2e0cce4 |
|
VISUAL
wHash
|
0034fefcfcfc6600 |
|
VISUAL
colorHash
|
39601008000 |
|
VISUAL
cropResistant
|
9e8082e2e28280c4,35f494d0f2e0cce4 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Uses typical phishing tactics including brand impersonation, urgency tactics, and social engineering to trick victims into providing sensitive information.