Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T14EC18307F6447220068311A6FB2703F8E7754589A7220F65A5BFC26C63D068ECE7B6DE |
|
CONTENT
ssdeep
|
96:TmToPhgw8lNhBJ8uTUL35cdc3LHxjw1/KRXfjVxeps00Y9:N5gwwV8uOc0xjg/MhxeQg |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
c719994c653c393e |
|
VISUAL
aHash
|
3c3c3c30303c347c |
|
VISUAL
dHash
|
d0c0c8c4e541e0c0 |
|
VISUAL
wHash
|
3c3c7c30307c7c7c |
|
VISUAL
colorHash
|
381c0008000 |
|
VISUAL
cropResistant
|
d0c0c8c4e541e0c0 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Uses typical phishing tactics including brand impersonation, urgency tactics, and social engineering to trick victims into providing sensitive information.
Pages with identical visual appearance (based on perceptual hash)