Rewterz penetration testing services help organizations determine if a cyber attacker can gain access to their critical assets while giving them detailed insights of the overall business impact of a cyber attack.
Before Rewterz got its start, the market was in dire need of a specialized and dedicated information security company. It was nearly impossible for businesses to find a trustworthy provider that could truly cover all of their bases. We wanted to meet this need, giving companies across the globe a chance to get ahead while knowing that their data is in good hands.
Rewterz penetration testing services help organizations determine if a cyber attacker can gain access to their critical assets while giving them detailed insights of the overall business impact of a cyber attack.
Before Rewterz got its start, the market was in dire need of a specialized and dedicated information security company. It was nearly impossible for businesses to find a trustworthy provider that could truly cover all of their bases. We wanted to meet this need, giving companies across the globe a chance to get ahead while knowing that their data is in good hands.
This is an advisory on a reported phishing attempt involving a pdf document, which redirects user to a malicious site when opened.
A team member reported a phishing attempt involving a PDF attachment which, when clicked, redirects the user to the URL lopiefuhf[.]ml/wp-admin/docpage/gieeedoc/melstod.php. This URL leads to a malicious site. The PDF was labelled as “Offer for Purchase.PDF”.
Last night, one of our team members observed a phishing attempt. They reported having received a PDF attachment from paulo[@]novahometeam[.]com. Clicking on the PDF redirected them to the URL lopiefuhf[.]ml/wp-admin/docpage/gieeedoc/melstod.php which is a malicious site capable of transferring malware to your system.
The attachment is named “Offer for Purchase.PDF”. The IP analysis of the source of this phishing attempt produced the IP: 80.211.69[.]217.
The phishing attempt was made from Europe, with a country code of Italy.
It is recommended to avoid clicking all such PDFs received from unusual sources. Moreover, members are advised to block the following threat indicators.
paulo[@]novahometeam[.]com
hxxp://lopiefuhf[.]ml/wp-admin/docpage/gieeedoc/melstod.php
80.211.69[.]217.
If you think you are a victim of a cyber-security attack. Immediately send an email to info@rewterz.com for a rapid response.