Thursday, February 2, 2017

Microsoft account termination request in progress. (Microsoft Phishing, Swisscom Phishing, Directory listing)

Microsoft Security info

We received a message from you requesting for your account termination, please ignore this message if the request was from you. Your account would be deleted from our system in the next 24 hours.

(Note: All mails in your inbox, spam, draft, and sent items would be terminated, and access to your account would be denied.)

Click on cancel request if the message wasn't from you.

CANCEL REQUEST

Cancel the termination request to keep enjoying Microsoft!

Thanks,

The Microsoft account team.

Safety Certification Copyright © 2017 Microsoft

Phishing analysis :

SCREENSHOT :


CLICK : http://ow.ly/***
RESULT : A BASE64 is loaded in the url bar.
RESULT : data:text/html;base64,
SCREENSHOT :


RESULT : Microsoft phishing
CODE SOURCE ANALYSIS : form action="http://dolphinsclubtema.org/wp-includes/js/mine/pahgy/result.php
NOTE : Another wordpress website hacked...
GO TO : http://dolphinsclubtema.org/wp-includes/js/mine/


RESULT : Repository of phishing.
GO TO : http://dolphinsclubtema.org/wp-includes/js/mine/bluewin


RESULT : Swisscom Phishing


GO TO : http://dolphinsclubtema.org/wp-includes/js/mine/pahgy/


RESULT : Microsoft phishing

GO TO : http://dolphinsclubtema.org/wp-includes/js/mine/viko/


RESULT : Microsoft phishing
No comments:
Labels : , , , , ,

Thursday, June 25, 2015

Warning: authentication error

Hi,

We noticed an authentication error on your Microsoft Outlook email account which has caused undelivered Messages to your inbox

NOTE: If you will like to continue using Microsoft outlook. We need to make sure this email is yours.

To continue the usage of your email on Microsoft outlook or Microsoft live mail

Kindly click below link to verify your email to prevent service disruption:
https://account.outlook.com/ Aliases/Verify?aliasname= aliastype=Email&otc=* Clh3foYzroCTqvGfbuNg2AxMQ4IfA8 JrZsTLdBt2qTXQ* 1C1TUUwGyLnUTS6VCoNgvlTiy$&mn& cxt=ALS

or you maybe asked to enter the security code

If you do not wish to continue using Microsoft outlook or Microsoft live mail click below to stop services:
https://account.outlook.com/ Aliases/Remove?aliasname=& aliastype=Email&otc=* Clh3foYzroCTqvGfbuNg2AxMQ4IfA8 JrZsTLdBt2qTXQ* 1C1TUUwGyLnUTS6VCoNgvlTiy$&mn& cxt=ALS

Thanks,
The Microsoft account team

Avast logo
This email has been checked for viruses by Avast antivirus software.
www.avast.com

Phishing analysis :

CLICK : https://account.outlook.com/ Aliases/Remove?aliasname=& aliastype=Email&otc=* Clh3foYzroCTqvGfbuNg2AxMQ4IfA8 JrZsTLdBt2qTXQ* 1C1TUUwGyLnUTS6VCoNgvlTiy$&mn& cxt=ALS
REDIRECT : http://dropcanvas.com/rg0w0/1
DOWNLOAD FILE : secure_outlook.htm

File analysis :

NOTE : secure_outlook.htm
NOTE : FORM : http://www.metafores-attiki.gr/components/com_contact/helpers/wow.php
NOTE : owa.sonion.com

Email analysis :

NOTE : contacto@azeros.cl
NOTE : Received : from [174.127.68.44] (port=54720 helo=[100.100.64.17])
NOTE : by srv1.ehosting.cl with esmtpsa
No comments:
Labels : , ,
Subscribe to: Posts (Atom)
Copyright © Scam.cz | Created by Rbcafe