The Cloud Consultancy Europe Ltd.
+44 (0) 203 637 6667 [email protected]

hook

A targeted phishing campaign is underway that states your email has been blacklisted and then asks you to confirm it by entering your credentials. For some reason, this campaign is using phishing links that can contain almost 1,000 characters, which is enough to make anyone suspicious.

This phishing campaign pretends to be from your mail domain’s support department and states that your email has been blacklisted due to multiple login failures. They then ask you to verify your account by logging in again or they will terminate the account.

mail

If you click on these links, you will be shown a landing page with a login form that is customized for your particular domain. Below is an example of this landing page, but with the company information redacted.

link

You can see an example of the URL that was included in the phishing email he received below.

url

After tweeting about this, another user stated that they just reported a similar email with a link that was 991 characters long.

It is not known what the reason is for using such long URLs unless its an effort to obfuscate the intent or to hide information in them.

Regardless, be careful of these blacklisted phishing emails and always check the URLs in emails you receive. If any look suspicious, try to not to visit them or at least be careful when you do.

Author: Lawrence Abrams