I received an email from: ‘Amrican Express’'[email protected]
It also wants you to email [email protected]
The email had several attachments, one being a txt file containing code found here: Code attached to fake email - Pastebin.com
I’m not sure what to make of it.
So, what do you all make of this? Is this some new form of 419, or is this a phishing attempt?
Its a fake webpage you open as a local HTML page. It will load in the web browser and look like a website but its not running on a remote server its just opened on your machine. Theres some javascript at the bottom that appears to post all of your information to a server hosted somewhere else. Would be easy to spam it with fake data and destroy their collection. Its posting to this URL https://quorumgroup.com.ph/book.php
That code starts on line 1300 of the file. It seems to parse the inputs as a string and post it to the server as plaintext
New email from: '‘American Express’'[email protected]
“Forward this message and its attachments to [email protected] and check your inbox for a link to view the message.”
