Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T136E17517B541AA3605C383EEBB33D36EF7A5CA84C553074952F4832C96D5CC4CE2BA55 |
|
CONTENT
ssdeep
|
96:TSuTzhLyEU+zxxqUMW+LQuW3mzDkSX0MWapny:xTzhLyE79xqYXmzDkoHQ |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
bc3c3e6d6592c161 |
|
VISUAL
aHash
|
8181ffffc3c3ffff |
|
VISUAL
dHash
|
3b3b3fc01713e036 |
|
VISUAL
wHash
|
8181dfc38181cfdf |
|
VISUAL
colorHash
|
0e007000000 |
|
VISUAL
cropResistant
|
3b3b3fc01713e036,7fff7d697f7dffff,21003030c4c40001 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Uses typical phishing tactics including brand impersonation, urgency tactics, and social engineering to trick victims into providing sensitive information.