There is a new phishing campaign that is currently targeting Australia and New Zealand. This is coming through email and SMS media. The message asks the user to the click on a link and update their details. Please make sure that your end-users are aware of this and DO NOT click on these links. Bad actors behind this campaign grab various details (credit cards, DOB, License, Address etc) and the data is then saved into a database (PHP framework being used in the backgroud to facilitate this).
The domain being used is not flagged by any vendor at this moment (checked virustotal and all major security vendor sites).
Please BLOCK this domain at GW for added security. Depending on your organization’s policies – you can use wildcards.
Block these additional URLs as well:
http://anz0update.loginto.me
No comments:
Post a Comment