Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T10471A56150054C071213E1E4675AFE7B52F39A88CF094645E7ED57DC5AEDFC0FC12494 |
|
CONTENT
ssdeep
|
48:Tj6U6LYcfcHcvcnwJpdJpxJp9byw+nb0Jh4ZXX3kM3ocZZXX3xvj3e97ugtGolmw:TtMPBVpuw+wh4tkOoMtxvbFIF99R |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
98eb3214dcb2cd5c |
|
VISUAL
aHash
|
fffffbff18000000 |
|
VISUAL
dHash
|
8433ab4bb2b23d35 |
|
VISUAL
wHash
|
fffff9ff18000000 |
|
VISUAL
colorHash
|
06000000038 |
|
VISUAL
cropResistant
|
a20533ab0cb2b2ba,458c6a6968ece9f1,bd353d3d3332d208,00540bccd4134810,b2b0b2caed353d33 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Uses typical phishing tactics including brand impersonation, urgency tactics, and social engineering to trick victims into providing sensitive information.