SafeMode - Analysis: sso-security.com

EN ES PT

Back to Stats

70 Risk Score

High Risk

Threat Level: CRITICAL • Impersonating: Copart

• Threat: Credential harvesting phishing targeting Copart users.
• Target: Copart account holders.
• Method: Fake sign-in page to steal user credentials (email and password).
• Exfil: Likely to a remote server controlled by the attacker, but details are unavailable without further code analysis.
• Indicators: Mismatched domain 'sso-security.com', which is different from the official Copart domain (copart.com).
• Risk: HIGH - The site attempts to steal login credentials, potentially leading to account compromise.

⚠ Risk Factors

Brand impersonation of Copart on non-official domain
Credential harvesting indicators detected
OTP/2FA stealing indicators detected

Visual Capture

Screenshot of sso-security.com

Detection Info

https://sso-security.com/8mdoRKygydY_ntWLug?/aG94aHVudA

Detected Brand

Copart

Country

International

Confidence

100%

HTTP Status

200

Report ID

e9a197d9-be1…

Analyzed

2025-12-29 13:15

Content Hashes (HTML Similarity)

Used to detect similar phishing pages based on HTML content

Algorithm	Hash Value
CONTENT TLSH	T170D1FE7060509D3B4283C6D4B3B9AB9F7394C346EA87565A63F4C39C0FE3E56CC1A226
CONTENT ssdeep	96:nIpkCGTHRPyISakrwkMns39TbJG9KjsWsjOVo0U2gs0sjOVZOVJQ6Q6ynQjNsjOg:9BSak8C9TbJG9ah61ZOVJQyyQjhu

Visual Hashes (Screenshot Similarity)

Used to detect visually similar phishing pages based on screenshots

Algorithm	Hash Value
VISUAL pHash	9c497326cc99d966
VISUAL aHash	18001818191f0f9f
VISUAL dHash	7161713331727d38
VISUAL wHash	191818181f1f1fff

Code Analysis

Risk Score 70/100

Threat Level CRITICAL

⚠️ Phishing Confirmed

🎣 Credential Harvester 🎣 OTP Stealer 🎣 Personal Info

🔬 Threat Analysis Report

• Threat: Credential harvesting phishing targeting Copart users.
• Target: Copart account holders.
• Method: Fake sign-in page to steal user credentials (email and password).
• Exfil: Likely to a remote server controlled by the attacker, but details are unavailable without further code analysis.
• Indicators: Mismatched domain 'sso-security.com', which is different from the official Copart domain (copart.com).
• Risk: HIGH - The site attempts to steal login credentials, potentially leading to account compromise.

Similar Websites

Pages with identical visual appearance (based on perceptual hash)

Screenshot

http://inner.website/pcdde712fh20d94f742bc3a42131444b38b5.ht...

Screenshot

https://inner.website/yba964a42c4b7d4e62la770d4a1827d382b7.h...

Screenshot

https://inner.website/y023e62ecc47bd45efl8a100d2888677a163.h...

Screenshot

https://inner.website/yd0dd9503c13e84494l82ec464e8fa52549d.h...

https://inner.website/p8f95d256hfeeb436d2a4b540cc1ae756976.h...

Scan History for sso-security.com

Found 10 other scans for this domain

https://sso-security.com/pSWUhYWFe0hRfvxBhg?=useri... Copart Jan 07, 2026 14:00

https://sso-security.com/tuJwHdkl4Xc6v60N?=userid&... Mailport Jan 07, 2026 13:55

https://sso-security.com/mwNw9yK7zSMRZa4?=userid&m... Belectric Jan 07, 2026 01:13

https://sso-security.com/V6ocws3yf6a162k?=userid&m... Copart Jan 07, 2026 01:11

https://sso-security.com/yDggbRnMeqV36P0?=userid&m... BELECTRIC Jan 02, 2026 11:19

https://sso-security.com/oZ9LZteAbpu9?=userid&mess... Copart Jan 02, 2026 09:29

https://sso-security.com/g28Wrc83vcT5d48?/aG94aHVu... Implement Consulting Group Jan 02, 2026 07:44

https://sso-security.com/W0Sy9LNGpj7PPSk?=userid&m... Groupe Deret Dec 30, 2025 13:12

https://sso-security.com/sdtaSCjL3SMXheo?=userid&m... Neoenergia Dec 30, 2025 04:29

https://sso-security.com/wPkmh20MmRTxVEwAhQ?=useri... Groupe Deret Dec 29, 2025 13:16