SBB phishing sa eunet.co.rs, inbox.rs, online.rs - Printable Version +- Bezbedan Balkan (https://bezbedanbalkan.net) +-- Forum: Bezbednost privatnih resursa (https://bezbedanbalkan.net/forum-12.html) +--- Forum: Phishing / Scam / Spam kampanje (https://bezbedanbalkan.net/forum-16.html) +--- Thread: SBB phishing sa eunet.co.rs, inbox.rs, online.rs (/thread-337.html) |
SBB phishing sa eunet.co.rs, inbox.rs, online.rs - 1van - 01-03-2023 Izvor 1: https://twitter.com/nklmilojevic/status/1610194746558873608 Arhivirano 1: https://archive.ph/ncAiT Phishing Link vodi na: hXXp :// bib.2118681097.eway2pay.wmpvt[.]com/SBB/auth/index.php Izvor 2: https://twitter.com/shkabo_tm/status/1610175813684531203 Arhivirano 2: https://archive.ph/owcUQ Phishing Link vodi na: hXXp :// bib.584883775.eway2pay.wmpvt[.]com/SBB/auth/index.php RE: Phishing sa eunet.co.rs (SBB) - Nikola.Milojević - 01-03-2023 Evo i svih headera RE: Phishing sa eunet.co.rs (SBB) - y0d4 - 01-03-2023 hahha, a dje logika da phishujes "u ime" konkurencije?! :S inace aknut: artificialgrassbradford.co.uk i: We could not find a DMARC record for domain eunet.co.rs RE: Phishing sa eunet.co.rs (SBB) - Nikola.Milojević - 01-03-2023 Da, i SPF im je ne baš sjajno podešen, ~all umesto -all. RE: Phishing sa eunet.co.rs (SBB) - 1van - 01-04-2023 Još malo detalja, izvor: https://twitter.com/shkabo_tm/status/1610361764595507200, arhivirano: https://archive.ph/OMaNA. Javascript na Pastebin: https://archive.ph/FwHuY. RE: Phishing sa eunet.co.rs (SBB) - 1van - 01-04-2023 Dobio sam informaciju da kampanja sada ide i sa online[.]rs i inbox[.]rs domena. Izvor za online[.]rs: https://archive.ph/9AZWi, čekam hedere za oba. Uglavnom pogrešno podešen SPF i DMARC dovode do toga da je moguće zloupotrebiti ove domene. RE: Phishing sa eunet.co.rs (SBB) - 1van - 01-04-2023 Evo još hedera za eunet.co.rs. Izgleda da šalju na INFO i OFFICE email adrese. RE: Phishing sa eunet.co.rs (SBB) - 1van - 01-04-2023 Hederi za inbox.rs. |