A new phishing template aimed at commercial companies that use email addresses at @mail mail.ru as contacts.
Attackers generate free subdomains based on the Timeweb hosting domain – TW1.RU and send out commercial offers. To download these offers, recipients are asked to enter their email login and password.
The resulting credentials can then be used in a man-in-the-middle (MITM) scheme so that during the transaction, attackers can send ” more correct ” prepayment details to the payer.
Examples of sites
CI10028.TW1.RU
CD23200.TW1.RU
CN51398.TW1.RU
CQ88827.TW1.RU
CH72347.TW1.RU
#mail
You must be logged in to post a comment.