The newest wave of Apple phishing emails now comes with blogspot domains to avoid being blocked by antispam and web filtering signatures. Blogspot.com is the domain primarily used by Blogger to accommodate users who would like to have their platform online. The service is free and is often tagged non-malicious by most security vendors. This is most likely the reason why the cybercriminals behind this phishing campaign targetting Apple users utilized the blogging domain.
The blogspot domain used in the sample email redirects to a phishing page imitating Apple’s account page. The landing page is different from the blogspot domain which makes us conclude that it was only used to bypass any security measures available on the victim’s end.
See screenshot of the Apple phishing mail:
- Phishing Email Analysis Landing Page - September 19, 2024
- BPI to hold Cybersecurity Conference to ‘Fortify Cyber-Resilience in an AI World’ - July 25, 2024
- New Smishing Campaign makes use of Globe SMS Sender ID - May 27, 2024