Hi everybody,

Now I have also received one of those FreeDOS phishing mails:
test at multicenter.com.bo wrote "Re: [Freedos-devel] mode.com"
from 193.201.8.100 saying: Please review and sign the enclosed
document. This is essential for our current project (etc.)

The link in the mail interestingly was a DoubleClick forward
to a Bitly link. Luckily, Bitly offers a link preview, and
VirusTotal helped me to find out more. The link had checked
out as harmless 13 days ago, but a "reanalyze" now tells me:

https://www.virustotal.com/gui/url/ff13f15b868cc0b4efdb580f44b621d8f435b82e4fbb6e6fe1cef9327d3fb441/detection

Malware (ESET, Lumu, SOCRadar, VIPRE)
Malicious (Seclookup)
Phishing (Fortinet)

Details about the type of malware are not provided, though.

It is interesting that the previous check was around the
beginning of this phishing or malware wave. Maybe those
sending the mails themselves had their now-infected sites
checked before infecting them, for a fake sense of security?

Regards, Eric




_______________________________________________
Freedos-devel mailing list
Freedos-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/freedos-devel
