personaldata.pw

Microsoft Online Login - Phishing scam. So recently I received an email from one of my colleagues, of which asked me to open an invoice. Obviously I knew it wasn't quite right so ended up opening up the email on a virtual machine. Turns out the attachment was a PDF, the PDF was blurred and wanted me to click the document to load a bit.ly link. This directed the browser to http://storage.googleapis.com/dollar-home-2314122/xasdgqwecasdvsqwe/portal-office-microsoft.html I then proceeded to enter false credentials of which send POST data to https://personaldata.pw/soutyboyan01/finish.php of which redirected to the Microsoft login page. Now at this point I'd had a few emails from some other colleagues who had fallen for this, I decided to take some action. Now obviously a DDOS attack would have worked however it's only a temporary solution. So I decided that wasting the operator's time at the other end of the server would be a better solution. https://imgur.com/a/DzhjGJQ I decided to start by sending lovely working credentials to the server. For some reason I decided that this would be too simple. I added a few random numbers to ensure it wasn't a simple replace-all job. https://imgur.com/a/Dva9DaL I then realised it's missing the entire troll aspect of the internet, of course I'm sending 7 requests a second each with random numbers in various places in the username but how do I incorporate the primary function of the internet. Well, I decided our best friend Rick was the best person for the job. After converting the image to base64, I have this bottle of joys. https://imgur.com/upCjxFS https://pastebin.com/iQ4v6iXZ I'm only at about 22,000 requests in the last hour but I'm happy leaving this to run for a few days until I get bored. Any suggestions to take this further?

Microsoft Online Login - Phishing scam. So recently I received an email from one of my colleagues, of which asked me to open an invoice. Obviously I knew it wasn't quite right so ended up opening up the email on a virtual machine. Turns out the attachment was a PDF, the PDF was blurred and wanted me to click the document to load a bit.ly link. This directed the browser to http://storage.googleapis.com/dollar-home-2314122/xasdgqwecasdvsqwe/portal-office-microsoft.html I then proceeded to enter false credentials of which send POST data to https://personaldata.pw/soutyboyan01/finish.php of which redirected to the Microsoft login page. Now at this point I'd had a few emails from some other colleagues who had fallen for this, I decided to take some action. Now obviously a DDOS attack would have worked however it's only a temporary solution. So I decided that wasting the operator's time at the other end of the server would be a better solution. https://imgur.com/a/DzhjGJQ I decided to start by sending lovely working credentials to the server. For some reason I decided that this would be too simple. I added a few random numbers to ensure it wasn't a simple replace-all job. https://imgur.com/a/Dva9DaL I then realised it's missing the entire troll aspect of the internet, of course I'm sending 7 requests a second each with random numbers in various places in the username but how do I incorporate the primary function of the internet. Well, I decided our best friend Rick was the best person for the job. After converting the image to base64, I have this bottle of joys. https://imgur.com/upCjxFS https://pastebin.com/iQ4v6iXZ I'm only at about 22,000 requests in the last hour but I'm happy leaving this to run for a few days until I get bored. Any suggestions to take this further?

Microsoft Online Login - Phishing scam. So recently I received an email from one of my colleagues, of which asked me to open an invoice. Obviously I knew it wasn't quite right so ended up opening up the email on a virtual machine. Turns out the attachment was a PDF, the PDF was blurred and wanted me to click the document to load a bit.ly link. This directed the browser to http://storage.googleapis.com/dollar-home-2314122/xasdgqwecasdvsqwe/portal-office-microsoft.html I then proceeded to enter false credentials of which send POST data to https://personaldata.pw/soutyboyan01/finish.php of which redirected to the Microsoft login page. Now at this point I'd had a few emails from some other colleagues who had fallen for this, I decided to take some action. Now obviously a DDOS attack would have worked however it's only a temporary solution. So I decided that wasting the operator's time at the other end of the server would be a better solution. https://imgur.com/a/DzhjGJQ I decided to start by sending lovely working credentials to the server. For some reason I decided that this would be too simple. I added a few random numbers to ensure it wasn't a simple replace-all job. https://imgur.com/a/Dva9DaL I then realised it's missing the entire troll aspect of the internet, of course I'm sending 7 requests a second each with random numbers in various places in the username but how do I incorporate the primary function of the internet. Well, I decided our best friend Rick was the best person for the job. After converting the image to base64, I have this bottle of joys. https://imgur.com/upCjxFS https://pastebin.com/iQ4v6iXZ I'm only at about 22,000 requests in the last hour but I'm happy leaving this to run for a few days until I get bored. Any suggestions to take this further?

Microsoft Online Login - Phishing scam. So recently I received an email from one of my colleagues, of which asked me to open an invoice. Obviously I knew it wasn't quite right so ended up opening up the email on a virtual machine. Turns out the attachment was a PDF, the PDF was blurred and wanted me to click the document to load a bit.ly link. This directed the browser to http://storage.googleapis.com/dollar-home-2314122/xasdgqwecasdvsqwe/portal-office-microsoft.html I then proceeded to enter false credentials of which send POST data to https://personaldata.pw/soutyboyan01/finish.php of which redirected to the Microsoft login page. Now at this point I'd had a few emails from some other colleagues who had fallen for this, I decided to take some action. Now obviously a DDOS attack would have worked however it's only a temporary solution. So I decided that wasting the operator's time at the other end of the server would be a better solution. https://imgur.com/a/DzhjGJQ I decided to start by sending lovely working credentials to the server. For some reason I decided that this would be too simple. I added a few random numbers to ensure it wasn't a simple replace-all job. https://imgur.com/a/Dva9DaL I then realised it's missing the entire troll aspect of the internet, of course I'm sending 7 requests a second each with random numbers in various places in the username but how do I incorporate the primary function of the internet. Well, I decided our best friend Rick was the best person for the job. After converting the image to base64, I have this bottle of joys. https://imgur.com/upCjxFS https://pastebin.com/iQ4v6iXZ I'm only at about 22,000 requests in the last hour but I'm happy leaving this to run for a few days until I get bored. Any suggestions to take this further?