Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T12E82C6B0201856BF248B87B5FB307B25B27994CEE17FC195E3E8C692AF91CA6CD51350 |
|
CONTENT
ssdeep
|
192:j6b826ty3aBj451515151iHjAkeOFNQWjofVvmlHbV7/0a6bYrM8H9VOW8:R26aaBOLLL4Hjve01iM7YSMY38 |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
b9a96152821b6ebe |
|
VISUAL
aHash
|
0fcb8f0f0e000c46 |
|
VISUAL
dHash
|
1b9b3a1b5c18da9c |
|
VISUAL
wHash
|
0fcf8f0f0f0c0c6e |
|
VISUAL
colorHash
|
39208000240 |
|
VISUAL
cropResistant
|
1b9b3a1b5c18da9c |
• Ameaça: Phishing de criptomoedas / Roubo de ativos
• Alvo: Usuários da Trezor
• Método: Imitação de serviços de carteira física com iscas de 'recuperação'
• Exfil: Credenciais ou frases semente
• Indicadores: Uso de imagens da interface Trezor e narrativas de conspiração sobre 'colapso bancário'
• Risco: Crítico
The site lures users to input seed phrases or credentials under the guise of an account backup or recovery operation.
Using legitimate-looking UI screenshots to bypass user suspicion.