Quote:A currently ongoing mobile-aware phishing campaign is targeting various non-governmental entities worldwide, including United Nations humanitarian organizations such as UNICEF, Lookout reports.
The attacks rely on infrastructure that has been live since March 2019 and which includes two domains hosting phishing content, namely session-services[.]com and service-ssl-check[.]com.
The domains resolve to IP addresses 111.90.142.105 and 111.90.142.91 and Lookout has discovered that the associated IP network block and ASN (Autonomous System Number) has a low reputation and was previously observed hosting malware.
What makes the campaign stand out, however, is its ability to detect mobile devices and to log keystrokes as soon as they are entered on the phishing page.
JavaScript code on the fraudulent pages can determine if a mobile device is being used and then delivers mobile-specific content to the user. The attack also relies on the fact that mobile web browsers truncate the URL, which makes it more difficult for the victims to discover the deception.
Read more here: https://www.securityweek.com/united-nati...g-campaign
![[-]](https://www.geeks.fyi/images/collapse.png)
