Phishing | https://nosalural.z43.web.core.windows.net

[CoderMonkey1956]

What are the subjects of the phishing (domains, URLs or IPs)?

• https://nosalural.z43.web.core.windows.net

What are the impersonated domains?

Azure web services/Microsoft support

Where or how did you discover this phishing?

A loved one clicked on it in a fake email. Thankfully no damage.

Do you have a screenshot?

Note: Messed up as it was taken on a phone

Related external source

No response

Additional Information or Context

Creates a fake close site popup just to get you to click something so it can full screen the page. After that, the page is incredibly hard to close and I could only close it by opening task manager with control+alt+delete (control+shift+escape did not work, likely a faulty config tho) and then you can unfulscreen it as it also hides the cursor often.

[phishing-database-bot]

Verification Required

@CoderMonkey1956, thank you for submitting a false positive report! To help us verify your ownership of the affected domain(s), please complete the following steps:

1. Set a DNS TXT record for the domain(s) listed in this issue with the following details:

   • Record Name: _phishingdb
   • Record Value: antiphish-6dafe15b0c0828f05e9d9753e8388fbbc9db95b4

   Your Verification ID: antiphish-6dafe15b0c0828f05e9d9753e8388fbbc9db95b4

2. Wait for DNS propagation (this may take a few minutes to a few hours).

3. Reply to this issue once the TXT record has been set.

Important Notes

• Verification does not guarantee whitelisting. The Phishing.Database team will review your report after verifying ownership, but the decision to whitelist depends on further investigation and analysis.
• If the record cannot be set or you need alternative methods of verification, please contact us at contact@phish.co.za - preferably from the domain's official email address.

How to Check the TXT Record ?

You can verify that the TXT record is properly set using:

• Online tools like MXToolBox TXT Lookup.
• The command line:

  dig TXT _phishingdb.example.com
  

Thank you for your cooperation! We will address your issue as soon as possible after verification.

The Phishing.Database Project Team.

[CoderMonkey1956]

@phishing-database-bot do I need to respond to this? It's not a false positive report, quite the opposite actually.