I have noticed a new round of phishing attacks using fake Authorize.net Late Fee Warning Notices.
So far I have examined two samples and both hacked websites are hosted on the same Earthlink web server (66.175.58.9).
The two domains that are currently hosting the phishing sites are ttouchequine.com and joecroninfishing.com. I’ll update this post if I find any others.
Comments