Chinese phisher trying to phish Amazon JP (landing site.)

Resolving amonge-japanes-amz.cintaku-diatasbalkon.com (amonge-japanes-amz.cintaku-diatasbalkon.com)… 40.117.34.42 <—————- here.

40.117.34.42 dj8aso.com
40.117.34.42 accountsupportalert-amazon-com.dj8aso.com
40.117.34.42 acccountsupportalert-amazon-com.dj8aso.com
40.117.34.42 asukoecok.com
40.117.34.42 service-mailapp-supportid-32882r.hahipglow.com
40.117.34.42 camonis.com
40.117.34.42 csi.myvnc.com

Received: from smtp189.octdeliver.in (smtp189.octdeliver.in [199.166.36.189]) (using TLSv1.2
Date: Sat, 3 Oct 2020 x +0530
To: «x» <x>
From: アカウントアラート <support@yahoo.jp>
Subject: * 【アラート】確認してください
Message-ID: <x@tcmail15.in>
Received: from Zioalfino (172.31.3.82)

(wait, is this yahoo or amazon or what?)

<https://goo.io/jqf0VNu>確認用アカウント

宜しくお願いします
Amazon Protection

goo -> tumblr -> goo —> https://amonge-japanes-amz.cintaku-diatasbalkon.com/?_z1

Resolving amonge-japanes-amz.cintaku-diatasbalkon.com (amonge-japanes-amz.cintaku-diatasbalkon.com)… 40.117.34.42
Connecting to amonge-japanes-amz.cintaku-diatasbalkon.com (amonge-japanes-amz.cintaku-diatasbalkon.com)|40.117.34.42|:443… connected.

Добавить комментарий

Ваш адрес email не будет опубликован.