Expert in Credential Phishing and Phishing Kit Research.
Working in Cyber Security - Threat Intelligence
#Phishing
Jul 19 • 8 tweets • 3 min read
Threat Actors using the global CrowdStrike outage to spin up new domains 🌐
👁️Keep an eye out for malware posing to 'fix' the issue
🔒Malicious phishing pages posing as a fixing site
#Phishing
IoCs for people to monitor:
Jan 18 • 10 tweets • 3 min read
I got phished. Not a training phish, a REAL #phishing site⚠️
I am a security expert but I still fell for it🫡
⛔️You shouldn't blame users; everyone can get tricked.
Here is what happened....🧵⤵️
I was selling some items of clothes on Vinted👚
✉️I got an email from Vinted saying one of my items had been sold and to click here to process the order.
I clicked on the link without thinking and got to a page which asked for my card details💳
Nov 24, 2022 • 17 tweets • 6 min read
⚠️UK police to send 70,000 SMS after taking down ispoof
The UK’s largest fraud operation has brought down a phone number spoofing and OTP capturing site - ispoof[.]cc📱
Full Details and Analysis in Thread⤵️🧵
🕵️UK law enforcement are now preparing to send 70,000 SMS messages to potential victims of the site
ispoof allowed controlling users to intercept OTP and Telepins of victims #⃣#⃣#⃣#⃣
💯This video was uploaded to the ispoof telegram channel and is beyond amazing!!! 😂🤣😂🤣
Mar 16, 2022 • 15 tweets • 4 min read
I have been able to capture #Flubot's deployment code⚠️
🔍This code is used on websites when a victim attempts to download the malicious APK
Here is what I found ⤵️
1/n
The code is a single php file with 330 lines...
However after removing hundreds of new lines and padding to 'hide' the code
We are left with this...
Dec 1, 2021 • 17 tweets • 6 min read
Announcing KIT Intel 📣
🎉A Phishing Kit Intelligence Platform
“Understand the threat actors' playbook and capabilities”
When a threat actor wants to create a phishing page they will create the page on their own machine.
Zipping it up 🤐
And then putting this zip on a website to then deploy 🌐
May 29, 2020 • 12 tweets • 6 min read
Phishing data analysis can provide an insight into victims and discreet campaign targeting tactics.📊
The following data has been extracted from multiple campaigns from the same SMS based phishing campaign targeting UK victims.📲
<THREAD>
#phishing #security #cyber
There is a total of 433 victims' data analyzed in the research; however, not all fields were submitted or valid, so total data ranges will vary throughout.
Apr 30, 2020 • 14 tweets • 8 min read
:: 16Shop Intelligence Thread ::
#16Shop is prolific and one of the first #Phishing-as-a-Service (PaaS) offerings.
⚠️This is an intelligence thread on notable elements of the kit, the operation, how to test and detect the scam.
#THREAD
16Shop was initially detected in the wild in late 2017 by McAfee security researchers; this kit was using an Apple theme. 🖥️
Initially access to the kit was sold on Facebook 💰
Dec 3, 2019 • 15 tweets • 15 min read
:: Magecart Hunting Thread ::
This is a thread about how to hunt and find #Magecart infected sites using @URLscan. 💰💵
♻️Please retweet to help spread knowledge and feel free to add your own techniques, ideas, and suggestions.
⚠️THREAD⚠️
A brief overview of Magecart.
Magecart is an umbrella term for the technique of injecting JavaScript to steal credit card numbers on E-commerce sites. A number of actors/groups operate under the same term implanting JavaScript onto checkout pages all over the world.
Jul 31, 2019 • 22 tweets • 16 min read
:: Phishing Admin Panel Hunting Thread ::
In this thread we will find ways to hunt and attribute phishing admin panels.
This is a continuation from my #phishing hunting thread released earlier this year.
Please retweet to knowledge share among others.
Firstly we need to understand what an admin panel is in relation to phishing sites. There are many phishing-as-a-service (PaaS) offerings for threat actors to buy, allowing them to quickly and easily deploy kits online. They normally consist of a threat actor buying an API key.
May 21, 2019 • 16 tweets • 13 min read
:: Phishing Hunting Thread ::
This is a thread about how to hunt and find #Phishing sites.
Retweets would be great to help spread the knowledge and please add your own techniques, ideas and suggestions.
Let's go hunting!
Firstly we need a site to use as a pivot. I have attached a number of sources at the bottom of this thread. For demonstration purposes we will use this site ::