skip to Main Content

Cybercrime, maxi phishing campaign against the main email providers

Technical analysis by the Malware Hunter JAMESWT

Maxi phishing campaign against the main email providers. The bait is a fake eFax. The link in the message points to a page where you can choose your provider and enter sensitive data, which will be stolen

Maxi phishing campaign targets the main online mail providers. Objective: to steal access credentials from victims. The decoy is a fake document, an eFax, sent by a reverend to the user via e-mail and Dropbox.

The link in the message points to a landing page where you are asked to select your provider among Gmail, Aol, Outlook, Office365, Yahoo or other.

Any option leads to a fake login page, where more information will be progressively requested until the procedure stops automatically.

The user will therefore be led to think of a server error, but in the meantime the cybercrime actors behind the scam will have stolen all the sensitive information entered.

Back To Top