Phishing Analysis
Detailed analysis of captured phishing page
70
Risk Score
High Risk
Threat Level: ALTO
• Impersonating: Ericsson
- • Amenaza: Ataque de phishing para robar credenciales
- • Objetivo: Empleados de Ericsson
- • Método: Página de inicio de sesión falsa para robar credenciales.
- • Exfil: Probablemente enviado a un servidor malicioso controlado por el atacante.
- • Indicadores: Desajuste de dominio (auth-secure.me vs ericsson.com)
- • Riesgo: ALTO - Posibilidad de compromiso de la cuenta y violación de datos
⚠ Factores de Riesgo
- Suplantación de marca Ericsson en dominio no oficial
- Indicadores de robo de credenciales detectados
- Indicadores de robo de otp/2fa detectados
Visual Capture
No screenshot available
Detection Info
https://auth-secure.me/0QyIgwjMBEGfhQ?/workitems/3ont208h/WorkItemMention/VGhpcyBtaWdodCBiZSBhIEhveGh1bnQgc2ltdWxhdGlvbi4gT25seSBvbmUgd2F5IHRvIGZpbmQgb3V0Li4u
Detected Brand
Ericsson
Country
International
Confidence
100%
HTTP Status
200
Report ID
8b78e607-dd8…
Analyzed
2025-12-23 13:07
Content Hashes (HTML Similarity)
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T189D1FF7060409D3B5287C6E4B3B9AB5B3394C346EA97565A63F8C75C0EF3E16CC1A226 |
|
CONTENT
ssdeep
|
96:nIpkCGTHRPyT/BkrwkMmMs39TbJG9KjsWsjOs0U2gs0sjOlOVJQ6Q6ynQjNsjOi:9a/Bk8i9TbJG9aiFOVJQyyQj2 |
Visual Hashes (Screenshot Similarity)
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
9d4b7326cc999964 |
|
VISUAL
aHash
|
18001818191f0f9f |
|
VISUAL
dHash
|
7161733331727d38 |
|
VISUAL
wHash
|
191818181f1f1fff |
|
VISUAL
colorHash
|
070000001c0 |
|
VISUAL
cropResistant
|
7161733331727d38 |
Code Analysis
Risk Score
70/100
Threat Level
ALTO
🎣 Credential Harvester
🎣 OTP Stealer
🎣 Personal Info
🔬 Threat Analysis Report
• Amenaza: Ataque de phishing para robar credenciales
• Objetivo: Empleados de Ericsson
• Método: Página de inicio de sesión falsa para robar credenciales.
• Exfil: Probablemente enviado a un servidor malicioso controlado por el atacante.
• Indicadores: Desajuste de dominio (auth-secure.me vs ericsson.com)
• Riesgo: ALTO - Posibilidad de compromiso de la cuenta y violación de datos
Similar Websites
Pages with identical visual appearance (based on perceptual hash)
No screenshot
Ericsson
https://auth-secure.me/DUsBy0TGV4k?/workitems/3ont208h/WorkI...
Dic 12, 2025
No screenshot
Ericsson
https://auth-secure.me/DUsBy0TGV4k?/workitems/3ont208h/WorkI...
Dic 12, 2025
No screenshot
Ericsson
https://auth-secure.me/DUsBy0TGV4k?/workitems/3ont208h/WorkI...
Dic 12, 2025
No screenshot
Ericsson
https://auth-secure.me/8tLl56r1YR2F1N0?/workitems/3ont208h/W...
Dic 11, 2025
No screenshot
Ericsson
https://auth-secure.me/OaL00G1sj6GkbA?/workitems/3ont208h/Wo...
Dic 11, 2025
Scan History for auth-secure.me
Found 10 other scans for this domain
-
https://auth-secure.me/qQIWByqpVIm0wzqL?/malta-int...
https://auth-secure.me/uevS-wCLOtUaMg
https://auth-secure.me/uevS-wCLOtUaMg
https://auth-secure.me/DUsBy0TGV4k?/workitems/3ont...
https://auth-secure.me/DUsBy0TGV4k?/workitems/3ont...
https://auth-secure.me/DUsBy0TGV4k?/workitems/3ont...
https://auth-secure.me/8tLl56r1YR2F1N0?/workitems/...
https://auth-secure.me/OaL00G1sj6GkbA?/workitems/3...
https://auth-secure.me/BL-Es5vMUNQcVFY?/workitems/...
https://auth-secure.me/OaL00G1sj6GkbA?/workitems/3...