Tuesday, 4 February 2020

Your email password expires today


Here we have a fairly boring phish.

The page it links to was already 404'd by the time I got to it. I suspect it was a credential stealing website - it discusses changing a password, which means it probably had a password field that steals whatever is typed in.



Methods:
  • Urgency
    • Expires in 24 hours
  • Intimidation
    • Severity: High


IOCs

  • Sender address is not from the corporate domain
  • Grammar errors
  • Strange font

Noteworthy Whois Data
  • Domain created the same day the phishing email was sent 2/4
  • Registrant Country: Panama

at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Ransomeware - Intermittent Encryption

 An emerging trend among ransomware gangs is encrypting only parts of files, instead of complete encryption of files or drives. The tactic, ...

  • 2 Factor Proxy Bypass
     In the never ending game of cat and mouse, cyber criminals have found a way to bypass two-factor authentication. While the method is newer,...
  • Ransomeware - Intermittent Encryption
     An emerging trend among ransomware gangs is encrypting only parts of files, instead of complete encryption of files or drives. The tactic, ...
  • Your email password expires today
    Here we have a fairly boring phish. The page it links to was already 404'd by the time I got to it. I suspect it was a credential...