A phishing campaign targeting residents in Saudi Arabia impersonates Saudi Post (SPL) via SMS to steal personal information and credit card data through a fake “address correction” page. The attack uses realistic clones of the official SPL portal to harvest credentials and intercept one-time passwords (OTPs) for fraudulent transactions. These phishing cases highlight attackers’ use …
Monthly Archives: June 2022
Fake Emirates Post pages detected
Threat Analysis: Emirates Post Phishing – Small Fee & Card Harvesting How it works:The victim receives an SMS, email, or messaging app alert claiming a package requires a small delivery fee or customs payment. The link leads to this page, which mimics the Emirates Post payment interface. The victim is asked to provide: Logos for …
Fake Carrefour page revealed
This phishing campaign against Carrefour uses a “reward survey” scheme to steal credit card data and register victims for hidden subscriptions, often promoted via social media. The multi-stage attack involves fake surveys and “lucky” games, designed to trick users into paying a small shipping fee, which is actually a pretext to capture sensitive banking information. …
Microsoft phishing page in Spanish detected
This screenshot shows a Spanish‑language phishing page designed to steal email credentials (correo electrónico and contraseña). The page is minimal and generic, making it adaptable to impersonate various services (Microsoft, Google, a bank, or an email provider). Threat Analysis: Generic “Inicio de seguridad” Phishing – Credential Harvesting How it works:The victim receives a phishing email, …
Continue reading “Microsoft phishing page in Spanish detected”
IAA phishing page detected (Online car marketplace)
This screenshot shows a phishing page impersonating IAA (Insurance Auto Auctions) , a legitimate online vehicle auction platform. The page is designed to steal victims’ login credentials (email and password) used to access their IAA accounts. Threat Analysis: IAA Phishing – Credential Harvesting How it works:The victim receives a phishing email, SMS, or message claiming …
Continue reading “IAA phishing page detected (Online car marketplace)”
DHL phishing page revealed
This screenshot shows a phishing page impersonating DHL, targeting users with a fake package delivery notification. The scam demands a small payment (1.99) to complete delivery and collects full card details, cardholder name, and an ID number (likely a national ID or passport). Threat Analysis: DHL Phishing – Fake “Delivery Confirmation” & Card Harvesting How …
Twitter fake login page detected
This screenshot shows a phishing page impersonating Twitter (now X) , designed to steal login credentials (email/phone/username and password). The page is hosted on a suspicious domain unrelated to Twitter. Threat Analysis: Twitter Phishing – Credential Harvesting How it works:The victim receives a phishing email, SMS, or direct message claiming a security alert, account suspension, …