Author Topic: Serious Phishing URL for India  (Read 1354 times)

0 Members and 1 Guest are viewing this topic.

Offline BootLoader

  • Jr. Member
  • **
  • Posts: 40
Serious Phishing URL for India
« on: September 18, 2022, 05:49:45 AM »
Please check the URL below, this is a phishing/SCAM URL for India. Ask for money with a false web page that declares violating India Govt. Law.

Phishing URL:- lom-in.top/?c=yeshh18

Actual India Govt. Webpage URL:- www.india.gov.in/topics/home-affairs-enforcement/police

Note:- Works with India IP, when using VPN then it will not work

Virus Total Scan result :- www.virustotal.com/gui/url/8dec874d11ac716c488abbb67f5e63ae3eca0f4b6babcc9b6e024c0c2524488c
« Last Edit: September 18, 2022, 04:51:14 PM by Bishnusakha »
Win10 Pro x64 22H2/ Core i3-10105 3.7GHz/ 8GB DDR4/ 120GB SSD/ 1TB HDD/ avast! Free Antivirus Latest.

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88895
  • No support PMs thanks
Re: Serious Phishing URL for India
« Reply #1 on: September 18, 2022, 10:06:28 AM »
Don't post active links (edit and remove http:// and https://) to suspect sites to avoid A) accidental exposure and B) promoting the site by your link.

Use the - Reporting a possible Malicious sample File or Website - https://www.avast.com/report-malicious-file.php to report directly.

Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline BootLoader

  • Jr. Member
  • **
  • Posts: 40
Re: Serious Phishing URL for India
« Reply #2 on: September 18, 2022, 04:56:25 PM »
OK, Done
Win10 Pro x64 22H2/ Core i3-10105 3.7GHz/ 8GB DDR4/ 120GB SSD/ 1TB HDD/ avast! Free Antivirus Latest.

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88895
  • No support PMs thanks
Re: Serious Phishing URL for India
« Reply #3 on: September 18, 2022, 09:19:04 PM »
You're welcome.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33891
  • malware fighter
Re: Serious Phishing URL for India
« Reply #4 on: September 19, 2022, 12:05:21 AM »
Thanks for reporting,

It is the redirect here that makes it into Phishing: -htxps://dirtyfree.games/DirtyGames_v4/?clickid=ktr00134dlobt447p2&country=IN&m1={browser_name}&m2=IN&voluum_id={campaign}&tsource={campaign.name}&campaign={campaign}&partner=BC&afseid=630e578ba01a6400013954f4

Website originating from IP is being used in ad-scams, apparently from Moscow:
Read: https://webparanoid.com/scam-review/adpek-in2.xyz#/

Links involved: htxps://www.memberstrack.net/?clickid={clickid}&autocamp=_{country}_&paytpl=2
which address is being qualified as "offensive security", with spreading logs txt.exe malware
and
htxps://www.googletagmanager.com/ns.html?id=GTM-MSLMWPJ

Hope that soon more instances and vendors will flag this address,

polonus (volunteer 3rd party cold recon website security analyst and website error-hunter)
« Last Edit: September 19, 2022, 12:13:25 AM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!