Phishing via SMS
Hi to everyone!
Yesterday 23-05-2018 at 3:54 PM I received an SMS on my personal mobile phone with the following text: (Italian)
Gruppo ISP: Banca Intesa San Paolo la invita a convalidare urgentemente il suo recapito telefonico al seguente link: https://bit.ly/ConvalidaGruppoIntesaImmediately catched my attention; first because the link is shortened and then because I'm not an ISP's customer.
Anyway let's check where this link will redirect the user and also some statistics:
This trick consist on add a plus sign at the end of the shortened URL, so this will be:
This is pretty impressive, 885 clicks that redirect on https://convalida-recapito-intesasanpaolo.com/
Immediately I have been checked the url on VirusTotal, at the following address you can find the analysis:
Next this page redirect on:
https://www.postinaperandare2016.it/intesasanpaolo-convalida/ (at the time of writing this is no more valid)
Here the analysis:
Today these two Phishing pages are no more existent, anyway I was able to find a screenshot on https://www.phishtank.com/
So you might understand what could happen with your ISP's credential!
This article is intended to help understand web dangers, so be careful.