EN ES PT

Phishing Analysis

Detailed analysis of captured phishing page

Back to Stats

Captura Visual

Screenshot of outlook-office365.mgamt.com

Información de Detección

https://outlook-office365.mgamt.com/landing/form/94860891-05d6-4c26-b80a-5b5e976ada3f
Detected Brand
Microsoft
Country
International
Confidence
95%
HTTP Status
200
Report ID
c082b7c2-471…
Analyzed
2026-02-06 00:16

Hashes de Contenido (Similitud HTML)

Used to detect similar phishing pages based on HTML content

Algorithm Hash Value
CONTENT TLSH
T17641A81CD2010346E357EE90F962FBD666140BC0C7134A7C6AB9927AB1CE17553723CD
CONTENT ssdeep
48:n0i0Hls5hwhjO7c2ZgV0jxJF0jIPcU85D4c5hkj0:nfjhh7xg6jxJqjJTt4g5

Hashes Visuales (Similitud de Captura)

Used to detect visually similar phishing pages based on screenshots

Algorithm Hash Value
VISUAL pHash
9cc97326cc99d98c
VISUAL aHash
0000181818180000
VISUAL dHash
6171333232327c78
VISUAL wHash
1818181c1f1f1fff
VISUAL colorHash
070000001c0
VISUAL cropResistant
6171333232327c78

Análisis de Código

Risk Score 50/100
Threat Level ALTO
⚠️ Phishing Confirmed
🎣 Credential Harvester

🔬 Threat Analysis Report

• Amenaza: Phishing de credenciales
• Objetivo: Usuarios de Microsoft
• Método: Suplantación de identidad a través de una página de inicio de sesión similar
• Exfil: Desconocido, probablemente a una base de datos controlada por los atacantes.
• Indicadores: Coincidencia de dominio incorrecta, Formulario para credenciales de inicio de sesión
• Riesgo: ALTO

📊 Desglose de Puntuación de Riesgo

Total Risk Score
90/100

Contributing Factors

Domain Mismatch
The domain does not belong to Microsoft.
Form for Credentials
The page has a form requesting sensitive information (username and password).
Impersonation
The page tries to impersonate Microsoft's login page.

🔬 Análisis Integral de Amenazas

Tipo de Amenaza
Credential Harvesting Kit
Objetivo
Microsoft users (International)
Método de Ataque
Brand impersonation + credential harvesting forms
Canal de Exfiltración
Form submission (backend endpoint not detected - likely JavaScript-based)
Evaluación de Riesgo
MEDIUM - Automated credential harvesting with Form submission (backend endpoint not detected - likely JavaScript-based)

⚠️ Indicators of Compromise

  • Kit types: Credential Harvester

🏢 Análisis de Suplantación de Marca

Impersonated Brand
Microsoft
Official Website
null
Fake Service
Microsoft Outlook Login

⚔️ Metodología de Ataque

Primary Method: Credential Harvesting

The attackers are using a fake login page to steal user credentials. When a user enters their information, it is sent to the attackers.

Secondary Method: Social Engineering

The attacker uses the Microsoft branding and interface to trick users to hand over their login information.

🌐 Indicadores de Compromiso de Infraestructura

Domain Information

Domain
outlook-office365.mgamt.com
Registered
2019-07-11
Registrar
Unknown
Status
Active

🤖 AI-Extracted Threat Intelligence

Similar Websites

Pages with identical visual appearance (based on perceptual hash)

Screenshot
Microsoft
https://mgamt.com/landing/form/779d0071-1dcc-4633-902a-d8ea2...
Abr 05, 2026
 Screenshot
Microsoft
https://secure-datalink.org/landing/form/5a7d3a80-9d8f-4fab-...
Abr 05, 2026
 Screenshot
Microsoft
https://secure-datalink.org/landing/form/f5dfd805-5551-46ee-...
Mar 29, 2026
 Screenshot
Microsoft
https://outlook-office365.mgamt.com/landing/form/259885eb-96...
Mar 25, 2026
 Screenshot
Microsoft
https://mgamt.com/landing/form/ede3e395-327d-4ce9-a5ad-714f8...
Mar 25, 2026

Scan History for outlook-office365.mgamt.com

Found 2 other scans for this domain

😰
"Nunca pensé que me pasaría a mí"
Esto dicen las 2.3 millones de víctimas cada año. No esperes a ser una estadística.