After you sign up on the Social Security Administration’s website, they’ll send you a yearly email inviting you to check out your benefits. Flipping through my Junk Mail folder this afternoon, I found the following email: It looks reasonably plausible, except for the return address (cuonlineedu.in, a university in India). I’m always game to look at an attack, so I naturally clicked the “View my statement” link the bad guy hopes I’d click. This navigation results in redirecting through a page on the University’s website to go to a Spanish TLD: GET http://delivery.cuonlineedu.in/UDFEKT?id=28719=c0oCVAtaBQlfGAQDA1YCAl4BAwZSBQVYUFwFAloGVgNRUFRTDFcHDAUAA1YMVgcFDA5LBj1cVhYRXFpXXXZcCkRbUw1VTFFXCxgBUQNVU1IBDQBXUgQCV1sKA0hQQkAVChkdAFwOW04DFklIVxYMDVRRWQYHVEJPClcbYXxwcS5kCVsARRQB&fl=WEJGFEpYHRcEAUMSXQcGCllLVREXXlhPAFZZGl1FGw==302 Redirect to https://bestideiasbruno.com.es/GET https://bestideiasbruno.com.es/download.php?url=aHR0cHM6Ly9hcm9taXNiZC5jb20vd3AtY29udGVudC9nZW4ubXNp&name=eStatement45537…
No comments yet. Log in to reply on the Fediverse. Comments will appear here.