Jump to content

[HH#723274] Issue 20049619: Phishing attack at hxxps://netfliix.heliohost[.]us/alldetails.html

HelioHost

By HelioHost
in Email Support

 Share

Recommended Posts

HelioHost Grand Master

HelioHost

Posted
Posted
Username: N/A, Server: N/A, Main Domain: N/A

Hello,

We have discovered a phishing attack located on your network:

hxxps://netfliix.heliohost[.]us/alldetails.html [65.19.141.67]

Although we have previously contacted you about this attack, we are contacting you again because it has recently reappeared.

We understand that this site is simply a redirect to a page showing benign content, however it used to redirect to fraudulent content. The redirect is controlled by a fraudster so can be reused for future attacks, making its removal all the more important.
We previously contacted you about this issue on 2021-09-03 19:51:20 (UTC).
Since our last notification, the following additional URL(s) have been detected:

hxxps://netfliix.heliohost[.]us/alldetails.html

This attack was targeting our customer, Netflix, website URL https://www.netflix.com/.

Would it be possible to have the fraudulent content, and any other associated fraudulent content, taken down as soon as you are able to?

Additionally, please send any files associated with the fraudulent content to records@netflix.com so that our customer and law enforcement agencies can investigate the incident further.

More information about the detected issue is provided at https://incident.netcraft.com/1a2c2f21cde5/

Many thanks,

Netcraft

Phone: +44(0)1225 447500
Fax: +44(0)1225 448600
Netcraft Issue Number: 20051970

To contact us about updates regarding this attack, please respond to this email. Please note: replies to this address will be logged, but aren't always read. If you believe you have received this email in error, or you require further support, please contact: takedown@netcraft.com.

This mail can be parsed with x-arf tools. Visit http://www.xarf.org/ for more information about x-arf.

---
Attachment: none
Category: fraud
Date: 2021-12-08T12:04:37+00:00
Domain: heliohost.us
Port: 443
Report-ID: takedown-response+20049619@netcraft.com
Report-Type: phishing
Reported-From: takedown@netcraft.com
Schema-URL: http://www.xarf.org/schema/fraud_0.1.4.json
Service: https
Source: https://netfliix.heliohost.us/alldetails.html
Source-Type: uri
User-Agent: Netcraft Takedown

Guest
This topic is now closed to further replies.
 Share
Go to topic listing
×
×
  • Create New...