{"id":23,"date":"2022-08-30T21:39:19","date_gmt":"2022-08-30T21:39:19","guid":{"rendered":"https:\/\/freshphish.info\/?p=23"},"modified":"2022-09-06T16:49:27","modified_gmt":"2022-09-06T16:49:27","slug":"phish-uses-two-different-techniques","status":"publish","type":"post","link":"https:\/\/freshphish.info\/?p=23","title":{"rendered":"Phish Uses Two Different Techniques"},"content":{"rendered":"\n

Here’s a new phish I just found. The malicious actor attaches a .ics file, which is a calendar attachment, like is added to every meeting invitation sent. It appears some spam filter vendors do not inspect links included in .ics file attachments. On top of that, the link uses a hexadecimal version of an IP address so the victim does not know where he will end up when clicking the link.<\/p>\n\n\n\n

\"\"
The original email.<\/figcaption><\/figure>\n\n\n\n
\"\"
This is the .ics file attachment.<\/figcaption><\/figure>\n\n\n
\n
\"\"
When the link is clicked, this is the page the victim is sent to.<\/figcaption><\/figure>\n<\/div>\n\n\n

<\/p>\n","protected":false},"excerpt":{"rendered":"

Here’s a new phish I just found. The malicious actor attaches a .ics file, which is a calendar attachment, like<\/p>\n

Continue readingPhish Uses Two Different Techniques<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[12],"tags":[6,7,4],"class_list":["post-23","post","type-post","status-publish","format-standard","hentry","category-phish","tag-ics-file","tag-hexadecimal-version-of-ip-address","tag-phish"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/freshphish.info\/index.php?rest_route=\/wp\/v2\/posts\/23","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/freshphish.info\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/freshphish.info\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/freshphish.info\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/freshphish.info\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=23"}],"version-history":[{"count":1,"href":"https:\/\/freshphish.info\/index.php?rest_route=\/wp\/v2\/posts\/23\/revisions"}],"predecessor-version":[{"id":27,"href":"https:\/\/freshphish.info\/index.php?rest_route=\/wp\/v2\/posts\/23\/revisions\/27"}],"wp:attachment":[{"href":"https:\/\/freshphish.info\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=23"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/freshphish.info\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=23"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/freshphish.info\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=23"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}