From 14495003d33132d7f36c8c7fb2bd0fda335a00ca Mon Sep 17 00:00:00 2001 From: Dominic Reich Date: Wed, 10 Jan 2024 17:45:24 +0100 Subject: [PATCH] update older netcup phishing post --- .../spam/2023-11-17-netcup-phishing/index.md | 37 +++++++++++++++++-- 1 file changed, 34 insertions(+), 3 deletions(-) diff --git a/content/spam/2023-11-17-netcup-phishing/index.md b/content/spam/2023-11-17-netcup-phishing/index.md index fe95e46..26d2c76 100644 --- a/content/spam/2023-11-17-netcup-phishing/index.md +++ b/content/spam/2023-11-17-netcup-phishing/index.md @@ -2,7 +2,7 @@ title: Netcup phishing summary: They really think I got my domain from Netcup \*lol\* date: 2023-11-17T16:35:12+0100 -lastmod: 2023-11-18T11:50:01+0000 +lastmod: 2024-01-10T16:45:24+0000 # categories: #- spam # tags: @@ -76,13 +76,16 @@ Commercial register: HRB 705547, Amtsgericht Mannheim ?[SUBMIT] ~~~ +*** + {{< alert >}} -**Update on Nov 18 2023**: +**Update on Nov 18 2023** +{{< /alert >}} + I'm sorry, this is either a very dumb person (or group) or it is a very funny coincidence. I got two new mails today in which the **shown URL** was changed to `www.customercontrolpanel.de`, the link still goes to the italian site (that you will find further down in this article). -{{< /alert >}} Following only the relevant part is shown. @@ -92,6 +95,34 @@ href="https://elettrogi.it/">https://www.customercontrolpanel.de/?login_

Wir möchten sicherstellen, dass Ihre Online-Präsenz… ~~~ +*** + +{{< alert >}} +**Update on Jan 10 2024** +{{< /alert >}} + +Haha another two emails with yet another domainname: `netcupde.com`. Well, the link now +looks like this: + +~~~html {linenos=table} +

Erneuern Sie über den sicheren Link: + https://customerscontrolpanel. + netcupde.com/de/

+~~~ + +_I added some newlines into the html code, because the code is actually only two lines +in the email but that would make this codeblock a bit harder to read (specially on mobile +devices)._ + +These additions of `}}