Monday, October 10, 2016

test@gmail.com: *Account at **Risk** (Google Phishing)

Hi [test@gmail.com]
Your mailbox is at risk**

re-verification is required to be better protected.

Best,
Google.

Phishing analysis :

CLICK : re-verification
OPEN : http://solucionesjuveniles.com/css//?email=test@gmail.com
REDIRECT : https://artistsdolls.c13.ixsecure.com/_form_results/_vti_cnf/form_results.cache/C2345678CAHEE.98/cmd-login=bcf59a6496548c578b77345f7635e502/qk2iq9rkgir1g8eph7oi8lkp.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&Email=test@gmail.com&.rand=13InboxLight.aspx?n=1774256418&fid=4#identifier
SCREENSHOT :


VALIDATE : FORM
REDIRECT : https://artistsdolls.c13.ixsecure.com/_form_results/_vti_cnf/form_results.cache/C2345678CAHEE.98/cmd-login=bcf59a6496548c578b77345f7635e502/con_ii.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.113InboxLight.aspx?n=1774256418&fid=4#n=1252899642&fid=1&fav
SCREENSHOT :


VALIDATE : FORM
REDIRECT : https://artistsdolls.c13.ixsecure.com/_form_results/_vti_cnf/form_results.cache/C2345678CAHEE.98/cmd-login=bcf59a6496548c578b77345f7635e502/con_iii.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.113InboxLight.aspx?n=1774256418&fid=4#n=1252899642&fid=1&fav
SCREENSHOT :


VALIDATE : FORM
REDIRECT : https://artistsdolls.c13.ixsecure.com/_form_results/_vti_cnf/form_results.cache/C2345678CAHEE.98/cmd-login=bcf59a6496548c578b77345f7635e502/r.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.113InboxLight.aspx?n=1774256418&fid=4#n=1252899642&fid=1&fav=1
SCREENSHOT :

REDIRECT : https://accounts.google.com/

Email analysis :

NOTE : Content-Type : text/html; charset=
NOTE : Return-Path : < Google@cache.mail.*.*.*.*.*.live.com >
NOTE : X-Mailer : Leaf PHPMailer 2.7 (leafmailer.pw)
NOTE : Content-Transfer-Encoding : 8bit
NOTE : X-Php-Originating-Script : 1996:sql.php
NOTE : Message-Id : < *@projektowaniecad.pl >
NOTE : Delivered-To : test@gmail.com
NOTE : client-ip=88.198.8.17;
NOTE : test@gmail.com: *Account at **Risk**
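
The header observations above can be turned into a triage check. The following is an added example, not part of the original analysis: the function names, finding labels and the "redacted" placeholders (standing in for the parts the notes mask with `*`) are assumptions, and the sample message is constructed from the noted header values.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample: header values as noted in the email analysis; the parts
# the page masks with '*' are replaced by the placeholder label "redacted".
SAMPLE = """\
Delivered-To: test@gmail.com
Return-Path: <Google@cache.mail.redacted.live.com>
Message-Id: <redacted@projektowaniecad.pl>
X-Mailer: Leaf PHPMailer 2.7 (leafmailer.pw)
X-Php-Originating-Script: 1996:sql.php
Content-Type: text/html; charset=
Content-Transfer-Encoding: 8bit
Subject: test@gmail.com: *Account at **Risk**

Hi [test@gmail.com]
"""

def base_domain(header_value):
    """Naive registrable domain (last two labels) of the address in a header."""
    addr = parseaddr(header_value or "")[1]
    host = addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""
    return ".".join(host.split(".")[-2:])

def triage(raw):
    """Return the list of header findings for one raw message."""
    msg = message_from_string(raw)
    findings = []
    # Mailer string of a PHP bulk-mail kit, as seen in the X-Mailer note.
    if re.search(r"leaf\s*phpmailer|leafmailer", msg.get("X-Mailer", ""), re.I):
        findings.append("xmailer-leaf-phpmailer")
    # Header added by PHP's mail() logging: the message came from a web script.
    if msg.get("X-Php-Originating-Script"):
        findings.append("sent-by-php-script")
    # Envelope sender and Message-Id generated under unrelated domains.
    rp, mid = base_domain(msg.get("Return-Path")), base_domain(msg.get("Message-Id"))
    if rp and mid and rp != mid:
        findings.append(f"return-path/message-id mismatch: {rp} vs {mid}")
    # Content-Type declares a charset parameter but leaves it empty.
    if re.search(r"charset=\s*(;|$)", msg.get("Content-Type", ""), re.I):
        findings.append("empty-charset")
    # Recipient address merged into the Subject line.
    rcpt = parseaddr(msg.get("Delivered-To", ""))[1].lower()
    if rcpt and rcpt in msg.get("Subject", "").lower():
        findings.append("recipient-address-in-subject")
    return findings

if __name__ == "__main__":
    print("\n".join(triage(SAMPLE)))
```

The two-label domain comparison is a simplification; a production check would use a public-suffix list.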