Attempt to drain the client databases of BillManager users
This morning I found in my post office such an interesting letter:
Apparently, someone is trying to gain access to the BillManager installed on hosters of various sizes and to gain access to commercial information (perhaps, to send databases). Or maybe just mislead in the hope that not everyone makes backups.
')
The form, of course, is not sent to the ISPsystem, but somewhere far away, on samsungtv24.tk/isplog.php . Interestingly, the letter arrived on Friday late in the evening. Perhaps the calculation was that at this time or on Saturday morning, the brain was still working slowly, and someone would get caught.
ISPsystem sent out phishing attack warnings that night (special thanks for customer care and responsiveness), but apparently misinterpreted its purpose:
In our opinion, the goal was precisely the client database or any other commercial information hosters. Our company received a letter to its primary contact address, and not to the one specified in the ISPsystem billing. Thus, the address database of the clients themselves ISPsystem has not been compromised.
I hope this message will save someone on Saturday morning from sudden actions. Have a nice weekend everyone.
Apparently, someone is trying to gain access to the BillManager installed on hosters of various sizes and to gain access to commercial information (perhaps, to send databases). Or maybe just mislead in the hope that not everyone makes backups.
')
The form, of course, is not sent to the ISPsystem, but somewhere far away, on samsungtv24.tk/isplog.php . Interestingly, the letter arrived on Friday late in the evening. Perhaps the calculation was that at this time or on Saturday morning, the brain was still working slowly, and someone would get caught.
ISPsystem sent out phishing attack warnings that night (special thanks for customer care and responsiveness), but apparently misinterpreted its purpose:
In our opinion, the goal was precisely the client database or any other commercial information hosters. Our company received a letter to its primary contact address, and not to the one specified in the ISPsystem billing. Thus, the address database of the clients themselves ISPsystem has not been compromised.
I hope this message will save someone on Saturday morning from sudden actions. Have a nice weekend everyone.
Source: https://habr.com/ru/post/209508/
All Articles