alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET PHISHING Apple Phishing Redirect 2019-01-02"; flow:from_server,established; file_data; content:"<!--"; depth:4; content:"window.top.location='account/?view=login&appIdKey="; nocase; within:150; isdataat:!50,relative; classtype:social-engineering; sid:2026748; rev:1; metadata:affected_product Web_Browsers, attack_target Client_Endpoint, created_at 2019_01_02, deployment Perimeter, confidence Medium, signature_severity Minor, tag Phishing, updated_at 2019_07_26;)