Virgilio mail phishing page revealed

Posted byAnti-phishing Leave a comment on Virgilio mail phishing page revealed

This screenshot shows a phishing page hosted on Wix, impersonating Virgilio (an Italian email and portal service, part of the Libero / Italiaonline group). The page asks for email address and password to steal login credentials.

Threat Analysis: Virgilio Phishing – Credential Harvesting

How it works:
The victim receives a phishing email, SMS, or message claiming a security alert, account suspension, or the need to verify their information. The link leads to this page, which mimics the Virgilio login interface. The victim is asked to enter their email and password, then click “AVANTI” (Next). The credentials are captured and sent to the attacker.

The goal:
The attacker steals Virgilio account credentials to:

  • Access the victim’s email (searching for sensitive information, password reset links)
  • Compromise other services linked to the same email
  • Send further phishing messages to the victim’s contacts
  • Attempt credential reuse on other platforms

Red flags to watch for:

  • Suspicious URL: The page is hosted on a Wix subdomain (virgiliopostaitali.wixsite.com), not on virgilio.it or any official Virgilio domain. Wix is a free website builder – legitimate email services do not use it for login pages.
  • Visible Wix banner: The blue banner stating “Ce site a été conçu sur la plateforme de création de sites internet Wix.com” is a clear indicator that this is not an official page.
  • Mixed languages: The page uses French for the Wix notice, but Italian for “Virgilio” and “Accedi” (Login) – inconsistent and unprofessional.
  • Minimal design: The page lacks the full branding, security notices, and two‑factor authentication options of the real Virgilio login page.
  • Unsolicited login request: Virgilio does not send links requiring users to log in to resolve account issues.

What to do if you encounter this:

  • Do not enter your email or password.
  • If you are a Virgilio user, always access your email by typing virgilio.it directly into your browser.
  • If you have already entered your credentials, change your password immediately and enable two‑factor authentication if available.
  • Report the phishing page to Virgilio / Italiaonline and to Wix’s abuse team.

Protective measures:

  • Bookmark the official Virgilio login page and use that bookmark.
  • Use a password manager – it will not autofill on fake domains.
  • Never log in via a page hosted on a free website builder (Wix, Weebly, etc.) unless you are absolutely certain it is legitimate (which it almost never is for email services).
  • Enable two‑factor authentication on your email account.

Leave a comment

Your email address will not be published. Required fields are marked *