It asks to open a link to revise an agreement. It lands to a website that simulates the victim’s organization homepage, in which the user has only to digit the password.
Alibaba bait HTML phishing scam. A fake email points to a page that simulates that of the e-commerce portal. Objective: steal credentials
Someone tries to steal Alibaba credentials with a product-themed HTML phishing campaign. A fake e-commerce portal email simulates the message from a potential buyer.
The link to reply and view the details of the request points to a false Alibaba login page where user must enter the email address and password.
However, any alphanumeric combination digited will be incorrect.
Meanwhile, the credentials will be stolen by the threat actors behind the scam.