Poste Italiane Phishing Mails In Circulation

Trawling for Phish

Here’s two pages you may wish to avoid on your travels, whether you’re sent a link to them directly or see the URLs linked in an email.

First up, a page located at:

secure-dropboxfile(dot)hotvideostube(dot)net/secure-files-dropbox/document/

It claims to offer a shared Dropbox document in return for entering your email credentials. It follows the well-worn pattern of offering multiple login options for different types of email account, including Gmail, AOL, Windows Live, Yahoo! and “other”.

Email login?

click to enlarge

The website itself has a poor reputation on Web of Trust, has been listed as being compromised on defacement archives and was also hosting a banking phish not so long ago.

Should visitors attempt to login, it sends them to a shared Google Document (no Dropbox files on offer here) which is actually a “public prayer request” spreadsheet belonging to a Church.

Prayer Sheet

The next page is Google Drive themed and located at

yellowpagesexpress(dot)com/cgi-bin/Secure Management/index(dot)php

Google Drive?

As before, it asks the visitor to login with the widest possible range of common email accounts available, before sending those who enter their details to an entirely unrelated Saatchi Art investment webpage.

Readers should always be cautious around pages claiming to offer up files in return for email logins – it’s one of the most common tactics for harvesting password credentials.

Stay safe!

Jovi Umawing

ABOUT THE AUTHOR

Jovi Umawing

Knows a bit about everything and a lot about several somethings. Writes about those somethings, usually in long-form.