Detects a phishing kit targeting Microsoft Outlook. Users are being tricked into entering their Microsoft credentials into a fake form. This kit targets Spanish speaking users. Found as a result of this kit being deployed on Replit.
title: Microsoft Outlook Phishing Kit 142e470f
description: |
Detects a phishing kit targeting Microsoft Outlook. Users are being tricked into entering their Microsoft credentials into a fake form. This kit targets Spanish speaking users.
Found as a result of this kit being deployed on Replit.
references:
- https://urlscan.io/result/142e470f-9579-4190-a4a0-9cae5f61df9f/
- https://urlscan.io/result/2e3b1290-d3d0-4cb1-ae45-8b7c3b5a5023/
detection:
htmlContent:
html|contains|all:
- '<input id="clave"'
- '<div style="position:relative; top:0; margin-right:auto;margin-left:auto; z-index:99999">'
assets:
requests|contains|all:
- 'imagen.jpg'
- 'forma.css'
condition: assets and htmlContent
tags:
- kit
- target.microsoft
- target.microsoft_outlook