Outlook phishing page hosted by Microsoft: https://sharepointmxrecordpos1.z13.web.core[.]windows.net/
And even "sharepoint" is in the subdomain...
Clear example of how much MS dgaf about not only "random" phishing pages they host, but even ones like this...
cc @SwiftOnSecurity
After entering the credentials, the victim will get redirected to this file: https://whitehouse.gov/wp-content/uploads/2020/02/2020-Economic-Report-of-the-President-WHCEA.pdf
The entered credentials are sent to: https://zankouchlcken[.]com/img/new/pos1/process.php
Just go one level up...
Hey @Namecheap, what about finally nuking this?
cc @olihough86
https://twitter.com/invirtutedei/status/1298747226542481408
Still online... Soon 3 months.
😂
Another one: https://sharepointmxrecxdrroy2.z13.web.core[.]windows.net/
Online for more than 50 hours already...
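A triage check for the two traits the thread points out: a brand keyword in the storage account part of an Azure static-website hostname, and a login form that posts credentials to a different host. This is an added example, not code from the thread's author; `BRAND_KEYWORDS`, the function names and the `contosoassets` URL are assumptions made for illustration.

```python
import re
from typing import List, Optional
from urllib.parse import urlsplit

# Azure Storage static-website endpoints: <account>.z<NN>.web.core.windows.net
AZURE_STATIC_WEB = re.compile(
    r"^(?P<account>[a-z0-9]{3,24})\.z\d+\.web\.core\.windows\.net$")
# Assumption: brand keywords a defender chooses to watch for in account names.
BRAND_KEYWORDS = ("sharepoint", "outlook", "office365", "onedrive")

def refang(url: str) -> str:
    """Undo common defanging: '[.]' and backslash-escaped dots."""
    return re.sub(r"\\+\.", ".", url.replace("[.]", "."))

def host_of(url: str) -> str:
    """Lower-cased hostname of a (possibly defanged) URL, or '' if none."""
    return (urlsplit(refang(url)).hostname or "").lower()

def triage(page_url: str, post_url: Optional[str] = None) -> List[str]:
    """Findings for a page URL and, if known, the URL its login form posts to."""
    findings = []
    page_host = host_of(page_url)
    match = AZURE_STATIC_WEB.match(page_host)
    if match:
        hits = [k for k in BRAND_KEYWORDS if k in match.group("account")]
        if hits:
            findings.append("brand-keyword-in-storage-account:" + ",".join(hits))
    if post_url and host_of(post_url) != page_host:
        findings.append("credentials-posted-off-host:" + host_of(post_url))
    return findings

# First two entries are taken from the thread; the last one is constructed.
SAMPLES = [
    ("https://sharepointmxrecordpos1.z13.web.core[.]windows.net/",
     "https://zankouchlcken[.]com/img/new/pos1/process.php"),
    ("https://sharepointmxrecxdrroy2.z13.web.core[.]windows.net/", None),
    ("https://contosoassets.z6.web.core.windows.net/", None),  # constructed
]

if __name__ == "__main__":
    for page, post in SAMPLES:
        print(refang(page), "->", triage(page, post) or "no findings")
```

The keyword match is a heuristic for queueing URLs for review, since a legitimate tenant can also choose a storage account name containing one of these words.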