Versions (3)
Version DetailsCurrent
Rev: 1 • Sep 28, 2022, 12:00 PMET PHISHING Generic Credential Phish Landing Page M1 2022-09-28
alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET PHISHING Generic Credential Phish Landing Page M1 2022-09-28"; flow:established,to_client; http.stat_code; content:"200"; file.data; content:"We are the resellers of Travel Products & services i.e. hotels, flights deals, car rentals, vacation packages & attractions. We are a travel company associated with travel consolidators and 3rd party travel suppliers. We are neither directly or indirectly associated with any airlines. All prices quoted through us are including of all taxes and fees. The flight search engine used is a third-party tool used for just providing the information, we are not associated with any company available on it"; nocase; fast_pattern; classtype:credential-theft; sid:2039020; rev:1; metadata:affected_product Windows_XP_Vista_7_8_10_Server_32_64_Bit, attack_target Client_Endpoint, created_at 2022_09_28, deployment Perimeter, confidence Medium, signature_severity Major, updated_at 2022_10_03;)
Sep 28, 2022, 12:00 PM
Oct 3, 2022, 12:00 PM
Sep 21, 2024, 3:00 AM
May 30, 2025, 12:04 AM
rules/emerging-phishing.rules