New #phishing campaign targeting #NationalBankGR customers spotted:
🎣https[:]//ufabethost[.]com/-/area_client/-/

☁️hosted by #Cloudflare

Phishing 📧 received via #SendGrid

#infosec #cybersecurity #IOC

New #phishing site targeting #NationalBankGR
customers spotted:
🎣https[:]//www.walterlathamfoundation[.]org/cgi-bin/fi/

☁️hosted by #Cloudflare

#infosec #cybersecurity #IOC

A new #phishing site targeting #NationalBankGR customers was spotted today:
🎣https[:]//www.hereiamlive[.]com/wp-content/uploads/di/

☁️hosted by #GoDaddy

#infosec #cybersecurity #IOC

New #phishing site targeting #NationalBankGR spotted:
🎣https[:]//mzeon[.]ga/nbgid/
☁️hosted by UnifiedLayer #NewfoldDigital

Stolen credentials are sent to phisher using a #Telegram bot.
#IPQualityScore API is used for bot protection.

#infosec #cybersecurity #IOC #Zoldyck

New #phishing site targeting #NationalBankGR spotted:
🎣https[:]//pandosue[.]com/-/group/daily/
☁️hosted by #GMOGroup

📧 was sent via #SendGrid and contained link to
🎣https[:]//u32258575.ct.sendgrid[.]net/ls/click?upn=fcrLja7cU0...

#infocec #cybersecurity #IOC

New #phishing site targeting #NationalBankGR spotted:
🎣https[:]//urbanhousingcooperative[.]org/wp-includes/images/fes/

☁️hosted by #Cloudflare

#infosec #cybersecurity #IOC

New #phishing clone of #NationalBankGR detected:
🎣https[:]//tacotroc[.]com/wp-content/themes/tacotroc/vendor/symfony/finder/1ef0dab50512973fd1.html
which is redirected to:
🎣https[:]//22492-4830.s1.webspace[.]re/nbg.gr/login/default.php

#infosec #cybersecurity #IOC

New #phishing campaign targeting #NationalBankGR:
🎣 https[:]//etagr[.]de/clients/account/login.php

Email sent via #SendGrid
Site hosted by #ionos_de #ionos_com #AS8560

#infosec #cybersecurity

New #phishing clone of #NationalBankGR:
🎣https[:]//thewhippoorwill[.]co/wp

Mail sent via #SendGrid. Multiple URL redirects were used
🎣https://u30653441.ct.sendgrid[.]net/ls/click?...
🎣https://app.rdstation[.]email/mail/e4c77...
🎣https://i8[.]ae/lIWmK

#infosec #cybersecurity