Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T18B8429EAD3A056D5A50687DCC7E36796702F22EFA71186C8E3784D65F2464BC08C8EC7 |
|
CONTENT
ssdeep
|
3072:aGG6ABv517vMWVIE4IEaIzcr3Y23PhLqcp8hNwyt7fJsgbUL4d+2S:aGG6ABv517vMSIaL0WU3AanUL4dw |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
ed93cc6993c6292c |
|
VISUAL
aHash
|
ffffe7ffc3c3f3d3 |
|
VISUAL
dHash
|
230e0e0896961616 |
|
VISUAL
wHash
|
91c3c3e7c3c3c3c1 |
|
VISUAL
colorHash
|
07003400000 |
|
VISUAL
cropResistant
|
230e0e0896961616,1f424861467c7c45,46c65050930f2226 |
Victim is prompted for 2FA code after entering credentials. The code is intercepted and used by attacker to access victim's account in real-time.
Victim enters credit/debit card details including CVV and expiration. Card data is captured and can be used for fraudulent transactions or sold on dark web markets.