Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1380210726144ADB70193E3E9E771E72F7686D348CA932786A2F8D74C0FC6D9ACC51218 |
|
CONTENT
ssdeep
|
96:eArk47Pz5CvHIxhnua1QnBO4vRlQvqOdBvlP8ARJoTB0VgmPHhtd4yJxy7P3hj2:eWkKwPYnus4vRlmRJoTGrPxwhq |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
9b9b31314e4c64f3 |
|
VISUAL
aHash
|
3cffff3c3c000000 |
|
VISUAL
dHash
|
7179796169062800 |
|
VISUAL
wHash
|
ffffff3c3c000000 |
|
VISUAL
colorHash
|
070020001c0 |
|
VISUAL
cropResistant
|
7179796169062800 |
• Amenaza: Phishing
• Objetivo: Usuarios de Facebook
• Método: Suplantación de identidad a través del dominio de Blogspot
• Exfil: Potencialmente a través de un script en la página
• Indicadores: Nombre de dominio, plataforma de alojamiento y falta de contenido.
• Riesgo: Alto
The attacker aims to steal user credentials by creating a fake Facebook login page. They use a domain that suggests a Facebook login and host it on a platform like Blogspot to make the site look more legitimate.
The attacker may use various tactics (e.g., sending phishing emails or links) to trick users into visiting the fake login page and entering their credentials.
Pages with identical visual appearance (based on perceptual hash)
Found 1 other scan for this domain