The newest wave of Apple phishing emails now comes with blogspot domains to avoid being blocked by antispam and web filtering signatures. Blogspot.com is the domain primarily used by Blogger to accommodate users who would like to have their platform online. The service is free and is often tagged non-malicious by most security vendors. This is most likely the reason why the cybercriminals behind this phishing campaign targetting Apple users utilized the blogging domain.
The blogspot domain used in the sample email redirects to a phishing page imitating Apple’s account page. The landing page is different from the blogspot domain which makes us conclude that it was only used to bypass any security measures available on the victim’s end.
See screenshot of the Apple phishing mail:
- ABS-CBN YouTube channels hacked by crypto scammers - November 4, 2020
- Hackers target Alodia’s fans via Facebook phishing - October 22, 2020
- BDO smishing continues - October 15, 2020
Speak Your Mind