Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T12BA1C74BA64631344B8B032C7B5FC3DDB32A448CD66707986AB5C21D69D12CDCA3AED7 |
|
CONTENT
ssdeep
|
96:TH9ZTrBaBLjWJTjZTw8+KXTLtTdsPMyGZH:32ITFkF2LiA |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
b1656465939a9a9b |
|
VISUAL
aHash
|
c3c3ffcfcfcfcfcf |
|
VISUAL
dHash
|
96961e1e1e1e1e1e |
|
VISUAL
wHash
|
c3c3c3c703030303 |
|
VISUAL
colorHash
|
07000000e00 |
|
VISUAL
cropResistant
|
96961e1e1e1e1e1e,0000803030808000 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Uses typical phishing tactics including brand impersonation, urgency tactics, and social engineering to trick victims into providing sensitive information.