Trusted Design

Dropbox Phishing Theme

概要

Phishing email via these two initial shortened URLs: hyperurl.co/swwed (active) or https://rebrand.ly/dropbb54c (currently inactive) Landing to https://globalkitchens.in/data/html/content/initial.php The script of this page, will before reaching kunmap.net/data/00/html/content/account/layout/?token=X kunmap.net is Geo Location Service to determine geolocation. Globalkitchens.in is seems to be newly registered site. We believe both above are unwilling participants (compromised sites) and the script from Globalkitchens.in will call kunmap.net to determine if current Geo = SINGAPORE. If not within SG, it will be redirected to any fake site called "I'm Sean and I'm developer" to disguise unaware analysts or any form of automate malicious site checker such as VT, Quterra, URLVoid, etc. IF Geo Location = SINGAPORE, it will shows Dropbox Phishing Theme which will asked unaware users to enter their email credentials (Gmail, Yahoo, etc).

Created: 2026-02-23

Indicators

Indicatorsは見つかっていない。

類似Pulses

• Fake Dropbox phishing (score: 0.62)
• Dropbox phishing attempt (score: 0.60)
• 2016-06-06 Nigerian Malspam Actor (SWIFT phishing today) (score: 0.59)
• Phishing site (score: 0.59)
• Fake dropbox site to phish email credentials and phone number (score: 0.58)

このPulseに関連する脅威アクター (事実ベース)

このPulseに関連する脅威アクター (推論ベース)

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクター グラフ

---

← Pulse一覧に戻る