![]() Typically I log into US servers when I authenticate to my IONOS account, not servers in Estonia. This is another example of obscuring a malicious link beneath a benign link.Īnother clue is that the link on the email would resolve to an Estonian website at. VirusTotal reported this as a phishing link. Here is the home page of the Turkish domain name used in the email address.Ī quick check at showed the link in the email was “clean” but the link resolves to. The email headers show that this email was sent from the hijacked mail server in Turkey. I have to assume that this company’s mail server has been compromised so the attackers could create the email identity. First, the email’s sender address is not on the IONOS domain, but on the domain of a Turkish medical supply company. There are a couple clues in the email to warn the wary away. Here is another example of the popular credential stealing exploit. ![]() If the pictures are too small or extend off the page, double-clicking on them will open them up in a photo viewer app. Please forward your email to intention is to provide a warning, examples of current phishing scams, related articles, and education about how these scams and exploits work, and how to detect them in your own inbox. I would be delighted to accept suspicious phishing examples from you. Catch of the Day: IONOS Credential Stealing PhishĬhef’s Special: IONOS Password Update PhishĮxamples of clever phish that made it past my spam filters and into my Inbox, or from clients, or reliable sources on the Internet.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
June 2023
Categories |