Phishing

Aggressive phishing against Strato.de customers

Strato.de (now belonging to 1&1) is one of the biggests hosters in Germany. Since a few weeks we see a lot of emails containing various texts that try to convince the user to login to his strato.de account and perform some actions. Strato published on their blog also a post about these fake emails: https://strato.de/blog/achtung-aktuell-wieder-phishing-mails-im-namen-von-strato-im-umlauf/   Fortunately, the phishing email is very simple and it just hides the target URL with the official strato.de URL. Pretty much all phishing filters detect it and block it.   The subject of the email is very aggressive: Last notification before judicial recovery The email says that the customer has one more day to pay. But now comes the funny part. The email says that the payment should be done via credit card, in order to make it “easy” for the customer. 🙂 To may this even more credible, they write that the introduction of a new payment method costs 1€. After that, they even communicate the name of the company that will try to retrieve the money from the customer: Intrum (www.intrum.de)   The problem I can’t stop to wonder how are the phishers obtaining all domains from Strato. I have all my…

Read More

Targeted phishing for Amazon Credit Cards

This time, there is a phishing for Amazon Credit Cards, which are served by LBB Bank. The user is redirected twice to some URLs, which are reported as “DECEPTIVE” by Chrome. Unfortunately, the final pages were deleted, so I can’t take screenshots.   Hallo Sie haben (1) wichtige Nachricht auf Ihrem Konto LandesBank Berlin AG. Um es zu sehen, klicken Sie bitte auf den Link unten: https://kreditkarten-banking.lbb.de/lbb/cas/dispatch.do?bt_PRELON=do&ref=1200_LBB&service=COS Herzliche Grüße Ihre Beraterin LandesBank Berlin AG


Targeted phishing on customers of Strato.de

My domain mustaca.com is hosted at Strato.de. I received several such emails, showing that somebody really scrapes the next for finding targets of various ISPs. Lieber Kunde, Wir informieren Sie, dass die Domain mustaca.com ausläuft. Wie kann man sich erneuern ? Der Erneuerungs Vorgang ist schnell und einfach: bestellen Sie einfach online und bezahlen Sie dafür. https://rechnung.strato.de Um die Bestellübersicht und den Betrag, den Sie bezahlen möchten, zu sehen, können Sie sich von dieser Seite erneuern. Was passiert, wenn ich mich nicht erneuere ? Im Falle einer Nichterneuerung werden die Dienste am Tag nach dem Ablauf deaktiviert und die Domain wird nicht mehr sichtbar. Herzliche Grüße STRATO AG Pascalstrae 10 10587 Berlin ———————————————————————— Vorsitzender des Aufsichtsrates: René Obermann Vorstand: Dr. Christian Being (Vorsitz), Christoph Steffens, René Wienholtz Amtsgericht Berlin-Charlottenburg HRB 79450 And this is how the page looks like:


%d bloggers like this:

By continuing to use the site, you agree to the use of cookies and to its Privacy Policy more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close