Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T19E51642401946D6FE193D3FC93F4AF2B76868341CB879B1166E8438D5ACEDA0CF15798 |
|
CONTENT
ssdeep
|
48:MupKWfXZJQyo/f9SKrftzVWwZSbU85Brgm9tWIplIvTF:MuoWfXZJQyefDf/AvBrgrIKR |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
b333996666cc8966 |
|
VISUAL
aHash
|
efefefe7e7ffffff |
|
VISUAL
dHash
|
880c084d4d181818 |
|
VISUAL
wHash
|
66e72323e0e0e4e4 |
|
VISUAL
colorHash
|
07000000038 |
|
VISUAL
cropResistant
|
880c084d4d181818,8080808080808080,80e2a0a5a8588c80 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Victim enters credit/debit card details including CVV and expiration. Card data is captured and can be used for fraudulent transactions or sold on dark web markets.
| ID | Português | Inglês | Trigger |
|---|---|---|---|
Pages with identical visual appearance (based on perceptual hash)