Phishing Analysis: Amazon

Captura Visual

Informações de Detecção

http://im.nbpublic.com/loading_page/amazon/AmazonGiftCard_10/index.html?lptoken=17e1629705be74da1605&cep=N4Igdgpg7g+gFgSwC4wQExALhAIwGYBMAzAIzF4C0AhiXgCwV0AMEAnBQByFEU4DshCGho4ArKwBsIADQgAbggDOyVBmwcqdAhwIkGHVlUrMiaCqz0MmEqgRY6+EEgGMZ8pSqQIAthEVIqbwAHLBA7AlEKEhIKJgIAFSYiTFFkolEAOlY+DgAtNwVlJAB7ACdVUKJbPkMIBj4+KghGQypePiIeAgkIHS0JcQgpWWdAoKoEAHMwCuwJViYSHGc0CCIJJjxxJkXu5zoiMTcwYtXZkCYYEmPTiBgkAE8giFCAGSowNAQwSZuz5zgEzAWAA2hcriAALqyIKlPwQAA2EGcSCEMBOqywoEezzeHy+PzcAVKkwgKHQoXmixwaGYBAIVCYdAgOzIEQITlEfzuFOwl2uskgAA8kFiQDiXtgAPJ4PAQUpEqgksnnKlLHBUVjORpGOy7VJCGnc86XU0AH35MCYFpgBCtxwgIqwYAArgiEQBfD0jQHfGBBYpFBDFYGYUDOF2lOFgJAAOVuAElPo6sExZDhSh8AUmvs4/KDId6QEoYHCvnCUVgkKUXRBZABHRQhMMgZwIhDOADW52AbY73fQHrczjhVC8ch5ahAvdH48nQ9kVDQchgo2CE2mPaXK7X4ymM0Hw9nCAn6MCkunI4gY5PdzA54XIBdLt50+fh8Xy5gxVl8q3X5/OVyg/EBAL/e9fFCYAwPKCCIEfIw8AQdsx0nKDEOQhBUNUR90DwKgoLwqhcLQfCYG8NAuWwYAiPIyjH0mCYp2ARiQNYtA6Ko6d2M43DfAQQj+L4iAEE4wSRN4tx8VKYp0C3T4ZLkkDpNkji5IorjgBUpSOI0x9vCoVxqIM5x9MMsTjPMvS3GKJioNskCHN0yj7KYyTZBdAjqM8ocixLSAoCwfCEUUeCgA=

Detected Brand

Amazon

Country

International

Confidence

95%

HTTP Status

200

Report ID

6fc5aaa7-cc1…

Analyzed

2026-02-27 11:09

Hashes de Conteúdo (Similaridade HTML)

Used to detect similar phishing pages based on HTML content

Algorithm	Hash Value
CONTENT TLSH	T1056187705449D8BBC2C3C2E086783B6E36C1CA86EE2B1A9886F4D31D1FEBD90ED07155
CONTENT ssdeep	48:llMLEKOW2IbSAwwy6qj4OQHj4OQgj4OQtj4OQ8pt8BjH5c7BjHY3BjHM/9MBjH8Y:Lsaw9ycAzuozscqK0

Hashes Visuais (Similaridade de Captura)

Used to detect visually similar phishing pages based on screenshots

Algorithm	Hash Value
VISUAL pHash	b333333399999926
VISUAL aHash	e7e7e7ffe7ffffff
VISUAL dHash	4d4d0d294d0d0008
VISUAL wHash	07078181a581ffff
VISUAL colorHash	07006008000
VISUAL cropResistant	4d4d0d294d0d0008,5945cd1636aa3834,0e4e2bc4d063a409

Análise de Código

Risk Score 3/100

Threat Level ALTO

⚠️ Phishing Confirmed

🔬 Threat Analysis Report

• Ameaça: Phishing
• Alvo: Usuários da Amazon
• Método: Golpe da cartão de presente
• Exfil: Potencialmente através do redirecionamento para um formulário (não visível imediatamente) ou através de dados coletados mais tarde.
• Indicadores: Correspondência de domínio, oferta de prêmio e perguntas sobre presentes.
• Risco: Alto

🔒 Obfuscation Detected

unescape

📡 API Calls Detected

POST

📊 Detalhamento da Pontuação de Risco

Total Risk Score

90/100

Contributing Factors

Domain Mismatch

The domain does not match the legitimate brand (Amazon).

Impersonation

The page impersonates Amazon by using its logo and branding.

Prize Offer

Offering a gift card is a common phishing tactic.

🔬 Análise Integral de Ameaças

Tipo de Ameaça

Amazon Phishing Landing Page

Alvo

Amazon users (International)

Método de Ataque

Brand impersonation + obfuscated JavaScript

Canal de Exfiltração

Form submission (backend endpoint not detected - likely JavaScript-based)

Avaliação de Risco

LOW - Automated credential harvesting with Form submission (backend endpoint not detected - likely JavaScript-based)

⚠️ Indicators of Compromise

2 obfuscation techniques

🏢 Análise de Falsificação de Marca

Impersonated Brand

Amazon

Official Website

https://www.amazon.com/

Fake Service

Amazon Gift Card Giveaway

⚔️ Metodologia de Ataque

Primary Method: Brand Impersonation

The attacker is impersonating Amazon to trick users into believing they are on a legitimate Amazon-related page, with the aim of stealing credentials or sensitive information.