Tis the season to get Phished...
This time of year a lot of people are making a tonne of online purchases for xmas (and expecting their deliveries accordingly). I received this phish today masquerading as coming from Australia Post claiming I have a package delivery issue.
The Link points to a non secure website running at: http-3A__hidayaar.wwwmi3-2Dss57.a2hosted.com_Aunredira&d=DwMFaQ&c=euGZstca*****
But, detonating that link it redirects me to a similar sounding fake domain called track-auspostonline-package.com
This dodgy site, is a Credit Card harvesting site, prompting you to enter in your Credit Card details. A very well crafted and legitimate looking site. Once entered it ships these details back to the attackers.
As for the attached PDF, it contains an Adobe exploit and the file itself is unreadable.
This email managed to successfully bypass multiple layers of email filtering so definitely one to look out for, and expect more like it during the holiday season.