A targeted phishing campaign is underway that states your email has been blacklisted and then asks you to confirm it by entering your credentials. For some reason, this campaign is using phishing links that can contain almost 1,000 characters, which is enough to make anyone suspicious.
This phishing campaign pretends to be from your mail domain’s support department and states that your email has been blacklisted due to multiple login failures. They then ask you to verify your account by logging in again or they will terminate the account.
If you click on these links, you will be shown a landing page with a login form that is customized for your particular domain. Below is an example of this landing page, but with the company information redacted.
You can see an example of the URL that was included in the phishing email he received below.
After tweeting about this, another user stated that they just reported a similar email with a link that was 991 characters long.
It is not known what the reason is for using such long URLs unless its an effort to obfuscate the intent or to hide information in them.
Regardless, be careful of these blacklisted phishing emails and always check the URLs in emails you receive. If any look suspicious, try to not to visit them or at least be careful when you do.
Author: Lawrence Abrams