Jump to content

- - - - -

Weird Phishing Campaign Uses Links With Almost 1,000 Characters

  • You cannot start a new topic
  • Please log in to reply
No replies to this topic

#1 Scorpion


    Advanced Member

  • Administrators
  • 96 posts
  • LocationScorpionsMaze

Posted 12 February 2019 - 10:29 PM

A targeted phishing campaign is underway that states your email has been blacklisted and then asks you to confirm it by entering your credentials. For some reason, this campaign is using phishing links that can contain almost 1,000 characters, which is enough to make anyone suspicious.

This phishing campaign pretends to be from your mail domain's support department and states that your email has been blacklisted due to multiple login failures. They then ask you to verify your account by logging in again or they will terminate the account.

Blacklisted Phishing Email

If you click on these links, you will be shown a landing page with a login form that is customized for your particular domain. Below is an example of this landing page, but with the company information redacted.

Phishing campaign landing page

After receiving one of these emails, Derek from My Online Security noticed that URLs in the emails are very long. I mean really long, with URLs ranging from 400 characters to close to 1,000 characters.

These phishing scams are really getting annoying with all the ultra long urls
It is getting ridiculous.

— My Online Security (@dvk01uk) February 11, 2019

You can see an example of the URL that was included in the phishing email he received below.

Phishing link

After tweeting about this, another user stated that they just reported a similar email with a link that was 991 characters long.

It is not known what the reason is for using such long URLs unless its an effort to obfuscate the intent or to hide information in them.

Regardless, be careful of these blacklisted phishing emails and always check the URLs in emails you receive. If any look suspicious, try to not to visit them or at least be careful when you do.

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users