Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T15D9294336104213E1D6385C12B193359FFF74442A6151AA8A9FD9A1E0FC9E8FBE3B245 |
|
CONTENT
ssdeep
|
192:cbhdEahOholNYlXZJpsIIO3MVRWQk0AkeUNzPFi7HAv4pWJXyFvinNzZF+0NKTr9:IYpsIIh0Ar2OufEU1f4QctXE |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
8367d1117bc02e7d |
|
VISUAL
aHash
|
20717171017fffff |
|
VISUAL
dHash
|
cec7e7c7dfeff0d9 |
|
VISUAL
wHash
|
003171710307ffff |
|
VISUAL
colorHash
|
000000001c0 |
|
VISUAL
cropResistant
|
6b6a1b5d95b4c5d4,4e469393336b6a2b,5979213153b3b3b3,d3f1c8f0a2a00000,0000000000000000,cec7e7c7cfeff0f0 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Victim enters banking credentials including account numbers and security questions. Attacker gains full access to victim's banking services.