phishing

Simple Rules to Protect Against Spoofed & windows.net Phishing Attacks

Recently I've seen an extended rise in usage of Microsoft Azure Blob Storage to host phishing websites targeting Office365 users. Websites hosted under Azure Blob Storage can be accessed using windows.net domains which will naturally add a convincing feature -  valid Microsoft SSL certificate. This “feature” has high probability…

Facebook Phishing campaign targeting Israeli users

A worried user notified me about a suspicious message he received that looks like it was sent by Facebook Security team. The message which seems like it was translated by an automatic service reads as follows: "Facebook blocking an account. We have received feedback that your account may not…