Fake virus alert leads and Tech Support scam Malware Compromise PCAP Traffic Analysis Sample

    2017-11-07 12:07:10.741648 IP 192.168.2.10.49185 > 216.194.173.139.80: Flags [P.], seq 4243488184:4243488434, ack 3582253123, win 16537, length 250: HTTP: GET / HTTP/1.1 E..”..@….E… …..!.P..}….CP.@…..GET / HTTP/1.1 Accept: text/html, application/xhtml+xml, */* …


PayPal Phishing Scam Fake Website PCAP file download Traffic Sample

PayPal Phishing landing page:   Stealing Credentials Traffic:   2017-04-17 22:00:47.498090 IP 192.168.1.100.46042 > 184.154.127.226.80: Flags [P.], seq 1:785, ack 1, win 229, options [nop,nop,TS val 1037083633 ecr 3076619526], length …


CapitalOne Capital One Bank Auto Loans Phishing Campaign PCAP file download Traffic Analysis

Landing page:   Sample of posting credentials:   2017-04-17 21:57:05.598674 IP 192.168.1.100.41236 > 89.46.73.231.80: Flags [P.], seq 1:535, ack 1, win 229, options [nop,nop,TS val 1037028158 ecr 1270481385], length 534: …


USAA Phishing Campaign PCAP File Download Traffic Analysis Sample

They do make the site look decent:   Here you can see the POST containing the fake information I entered:   2017-04-17 21:32:22.952265 IP 192.168.1.100.47366 > 78.135.65.3.80: Flags [.], seq …
