Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T14112B90FB358337105570162AF4693EBFB25816CF3651BA1B5ED412C63C4E849ABB2DA |
|
CONTENT
ssdeep
|
96:TVL3AqkdWiVyi8nEXUomewouNAIEF5PU+yoIhS6m/4b8EyQIBxtvCj4/lmDLFywi:yyEUzzOsDDagMk/L/fTUOal |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
b80f1b0e0b3936cf |
|
VISUAL
aHash
|
0000ffffffffffff |
|
VISUAL
dHash
|
f924189e149e969c |
|
VISUAL
wHash
|
0000cfc3dfc3cfc7 |
|
VISUAL
colorHash
|
060000001c0 |
|
VISUAL
cropResistant
|
241c9e960c96989c,ffeb69fbdcfcffff |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Uses typical phishing tactics including brand impersonation, urgency tactics, and social engineering to trick victims into providing sensitive information.
Pages with identical visual appearance (based on perceptual hash)