Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1D1A2E635C093EE5E216E45DC65AEA759A2DE8480E43F8680D6FC52BF49CCC85BC1EC4B |
|
CONTENT
ssdeep
|
384:YZCorCBgbyII3uQJb1QC/16MDbLY2YIjDxVRmF6zG7aUFuK52/KFcRXa2KejbUKc:YZCorC+GII3uQJRQC/cMDvY2YIBV4F6I |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
85857a4a733162f7 |
|
VISUAL
aHash
|
013b3b0312300081 |
|
VISUAL
dHash
|
6572f6d6e6e55a35 |
|
VISUAL
wHash
|
033f7b1b33303f81 |
|
VISUAL
colorHash
|
30006000040 |
|
VISUAL
cropResistant
|
7ef2a2a2a2b2e800,a8b5a6a659a482bd,6572f6d6e6e55a35 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Uses typical phishing tactics including brand impersonation, urgency tactics, and social engineering to trick victims into providing sensitive information.