None found yet
We've not seen any sites matching this indicator yet. Try scanning a site you think matches this rule:
Detects a Banco Promerica phishing kit with images and form action URL that only appear in this kit.
Deployed often on replit.com.
None found yet
We've not seen any sites matching this indicator yet. Try scanning a site you think matches this rule:
title: Banco Promerica Phishing Kit ef73ish1
description: |
Detects a Banco Promerica phishing kit with images and form action URL that only appear in this kit.
Deployed often on `replit.com`.
references:
- https://urlscan.io/result/cb8dedfa-8a9d-4da9-944f-e93edea6c38c/
- https://banca.grupopromerica.com/PCRC/PB/pages/administration/pbLoginPage.aspx
detection:
images:
html|contains|all:
- <div class="logo" ><img src="im/logoa.png" width="100%" ></div>
- <div class="desa"><img src="im/logob.png" width="100%" ></div>
- <div class="fo"><img src="im/logoc.png" width="100%" ></div>
form:
html|contains:
- action="guardar.php"
condition: images and form
tags:
- kit
- target.bancopromerica
- target_country.costarica