On 07 November, 2017 Wapack Labs observed, using Cyber Threat Analysis Center (CTAC), various emails in the URL of two phishing domains. The two phishing domains had different URLs but utilized the same web page interface. One domain is a compromised domain with an anti-virus detection ratio of 10/64 that has been leveraged since 12 June 2017. It is not flagged as suspicious as by Google Chrome browser. The second domain has an anti-virus detection ratio of 11/65 and has been leveraged since 02 October 2017. This domain was flagged as suspicious by Google Chrome browser. Both domains are still active. The phishing attempt appears to be a simple credential stealing scheme. The phishing page is disguised as Microsoft One Drive, attempting to get users to enter their passwords. Wapack Labs is providing this warning report as situational awareness...READ MORE
Wapack
Labs has cataloged and reported on malicious URLs and phishing attempts
in the past. An archive of related reporting can be found in the Red
Sky Alliance portal.