Versions (3)
Version DetailsCurrent
Rev: 4 • May 25, 2016, 12:00 PMET PHISHING Phishing Fake Mailbox Quota Increase Messages 2016-05-25
alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET PHISHING Phishing Fake Mailbox Quota Increase Messages 2016-05-25"; flow:to_client,established; file_data; content:"//configure destination URL"; nocase; content:"Upgrading your mailbox"; nocase; fast_pattern; distance:0; content:"Upgrade Successful"; nocase; distance:0; content:"added to your mail quota"; nocase; distance:0; content:"//Do not edit below this line"; distance:0; nocase; classtype:social-engineering; sid:2031989; rev:4; metadata:attack_target Client_Endpoint, created_at 2016_05_25, deployment Perimeter, confidence Medium, signature_severity Major, tag Phishing, updated_at 2022_03_17;)
May 25, 2016, 12:00 PM
Mar 17, 2022, 12:00 PM
Sep 21, 2024, 3:00 AM
May 30, 2025, 12:04 AM
rules/emerging-phishing.rules