None found yet
We've not seen any sites matching this indicator yet. Try scanning a site you think matches this rule:
Detects a phishing page that targets Japanese users of MUFG (Mitsubishi UFJ Financial Group) Bank
This original page seems to have been cloned leaving a trace of the cloner's useragent in the hidden input elements of the website's login form
None found yet
We've not seen any sites matching this indicator yet. Try scanning a site you think matches this rule:
title: MUFG Phishing Kit 483cbea7
description: |
Detects a phishing page that targets Japanese users
of MUFG (Mitsubishi UFJ Financial Group) Bank
This original page seems to have been cloned leaving
a trace of the cloner's useragent in the hidden input
elements of the website's login form
references:
- https://urlscan.io/result/483cbea7-5acc-42d3-9e3b-c6d413df2ad6
- https://urlscan.io/result/0e072075-0244-49fb-88e6-d09ebbbaaedc
- https://urlscan.io/result/0088bf2a-18ac-4a83-9793-25c113e4c9f4
- https://urlscan.io/result/6484b228-2b2e-45a4-bbc1-1b004cc26beb
detection:
clonerUserAgent:
dom|contains: 'Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1'
redirectUrl:
dom|contains: '/info.php?dilefa=iejfeafe454a56f4a8ew4fa684fa3efawe1faw5ef4awe64fa6w54'
condition: clonerUserAgent and redirectUrl
tags:
- target.mufg
- target_country.japan