
A curious phishing attempt - De_Delph
https://htbr.nl/2020/03/30/a-curious-phishing-attempt/
======
thanksforfish
Good reminder that ad blockers provide security against this sort of thing.
Yet another example of ad networks not checking content.

Does anyone know if this also impacts duckduckgo, which uses keyword based ads
from Microsoft Advertising?

~~~
auiya
Not ads-based, but I'd imagine their "I'm feeling ducky" re-director feature
could be abused for phishing links quite easily.
duckduckgo.com/?q=!ducky+hxxp://badguydomain.com. Google's I'm feeling lucky
re-director was already caught being used for phishing re-direction (and
patched with a click-through).
[https://www.microsoft.com/security/blog/2019/12/11/the-
quiet...](https://www.microsoft.com/security/blog/2019/12/11/the-quiet-
evolution-of-phishing/)

------
computator
Bunq or any financial services company is in a perfect position to trace these
criminals. If they would create some actual Bunq login accounts and actual
Bunq ATM card numbers, with zero balance or low $5 balance, they could feed
some of these account numbers to the malware site before shutting it down, and
later monitor where those account numbers end up getting used.

Does anyone know if banks, MasterCard, Visa, etc., are already doing this? It
seems obvious and straightforward, but maybe banks are averse to giving out
actual credentials (no matter how limited the account) in case something goes
wrong.

