Detects a Facebook phishing kit targeting Polish speaking users. Using the same Google Tag ID across every domain deploying this kit and using the same name for the logo file.
title: Facebook Phishing Kit 7d71c1c
description: |
Detects a Facebook phishing kit targeting
Polish speaking users. Using the same Google
Tag ID across every domain deploying this kit
and using the same name for the logo file.
references:
- https://urlscan.io/result/4467573b-d13a-4f2c-85df-5dbce3de9eda
- https://urlscan.io/result/7d71c1c0-da74-41bf-b4c7-25e9ba421f1e
- https://urlscan.io/result/d4890e94-a7e6-4b9a-b4b2-fab8eaa3ccc3
detection:
logo:
requests|contains: 'fb4.png'
googleTagId:
dom|contains: 'UA-178388451-1'
invalidStylesheetReference:
dom|contains: 'https://fonts.googlay=swap'
condition: logo and googleTagId and invalidStylesheetReference
tags:
- kit
- target.facebook
- target_country.poland