Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T135727535A304353E959702C17F612BDEA3A78546E2112A088AFC97BD0FDDE1DEA37285 |
|
CONTENT
ssdeep
|
192:cGDWY0pphII9NYncUFI/LUvBWLKXgfLJL8uR1JZLtf/PwgLkC95cOLtnAkF5I:t2pfIIfiKiBKKXgfVdf5cAzF5I |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
8367f311b87bd08c |
|
VISUAL
aHash
|
002020003f2cffff |
|
VISUAL
dHash
|
ccc7c7c7fed85900 |
|
VISUAL
wHash
|
002020011fffffff |
|
VISUAL
colorHash
|
010000001c0 |
|
VISUAL
cropResistant
|
d2dad41434b53a4b,d3f1c0d4a2a00000,000002061e060600,ccc7e7c7e7fcd8d9 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Victim enters banking credentials including account numbers and security questions. Attacker gains full access to victim's banking services.