Technical analysis by the Malware Hunter JAMESWT

Last cybercrime phishing campaign passes from Boa web server. The lure is a fake email on an email closure. It contains a link to update the account via a login page. Also this one is false. The only aim is to steal credentials

New phishing campaign target international users. The lure is a message from a supposed Boa web server address (info@boa.org) on a fake email closure. Inside, there is a request to update the account via a link. It directs the victim to an anonymous login page, in which he has to digit the mail address and the password. Once submitted, he’s redirected to Microsoft Office homepage. The cybercrime actors goal is to steal credentials.

The fake email by the Boa web service

The false login page