IOK Rules: target.1password

1Password phishing kit - 191635

1Password phishing kit cloned from the legitimate `` login page using Save Page WE. The first detection was on August 16th although evidence in the kit (the Save Page WE `savepage-date` timestamp) suggests it was created August 11th. Like many similar phishing kit, credentials are posted to `send.php` and then the victim is redirected to the `` login form.