Detects a Facebank phishing kit targeting citizens of Puerto Rico. Discovered as a result of this being deployed on Replit.com.
title: Facebank Phishing Kit 0y8ysfop
description: |
Detects a Facebank phishing kit targeting citizens of Puerto Rico.
Discovered as a result of this being deployed on Replit.com.
references:
- https://urlscan.io/result/f78ea01a-c142-4991-a43c-3b27e62da734
- https://urlscan.io/result/9fbb1f30-51eb-4fed-8abb-67d9e3b103d9
- https://secureib.facebank.pr/personas/banca-virtual
detection:
title:
html|contains:
- <title translate="" class="ng-scope">FACEBANK OnLine</title>
meta:
html|contains|all:
- link rel="apple-touch-icon-precomposed" sizes="120x120" href="https://secureib.facebank.pr/personas/services/cobis/web/assets/img/favicons/apple-touch-icon-120x120.png"
- link rel="icon" type="image/png" href="https://secureib.facebank.pr/personas/services/cobis/web/assets/img/favicons/favicon-128.png" sizes="128x128"
css:
html|contains|all:
- link id="style-ib-container" rel="stylesheet" href="./index_files/theme.css"
- link href="./index_files/bootstrap.min.css" rel="stylesheet" class="ng-scope"
- link href="./index_files/base.css" rel="stylesheet" class="ng-scope"
form:
html|contains:
- form action="1.php" method="POST"
img:
html|contains:
- https://facebank-asociados.com/images/06262001.jpg
condition: title and meta and css and form and img
tags:
- kit
- target.facebank
- target_country.usa