Detailed analysis of captured phishing page
No screenshot available
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1917174709294743E08D5C3DCB7A17F2A27D28195E742086DA3EACB6E8FD7E50DC019E9 |
|
CONTENT
ssdeep
|
48:GjPCeNmTNMgEMFIiGy5a9O/qIXmQJIkQSqyBhor9ak1qnQ9GEjDsJRp7ic1dqQr:GjiERlynmQKyzKGysfBqK |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
d71a5d2a772a5522 |
|
VISUAL
aHash
|
00fffffffffffffe |
|
VISUAL
dHash
|
28004d686810010e |
|
VISUAL
wHash
|
001c2737e7cbddc4 |
|
VISUAL
colorHash
|
07000038040 |
|
VISUAL
cropResistant
|
309964694810010e,00000288988c4208 |
• Amenaza: Revelación de información.
• Objetivo: Clientes de Aruba.it.
• Método: Visualización de los detalles del pedido. No es posible la exfiltración de datos porque no hay envíos de formularios.
• Exfil: N/A
• Indicadores: Detalles de pago
• Riesgo: BAJO: solo se muestra información del pedido.
Victim enters credentials into 1 fake form. Form data is captured via JavaScript or backend submission and transmitted to attacker's server for account compromise.
Uses typical phishing tactics including brand impersonation, urgency tactics, and social engineering to trick victims into providing sensitive information.
Pages with identical visual appearance (based on perceptual hash)
Found 7 other scans for this domain