We were alerted to the ongoing mypressonline[.]com phishing campaign [1] and sought to uncover the site’s complete domain footprint and potential evidence of hosting abuse.
Our deep dive allowed us to build detailed threat research materials containing:
- Over a thousand subdomains under the domain mypressonline[.]com
- Hundreds of domains owned by a past registrant organization of the domain identified as an IoC
- Hundreds of domains resolving to the same IP address as the phishing host
- Several domains and subdomains dubbed “dangerous” by various malware engines that, when clicked, could lead to bigger security problems
Download the threat research materials now to access the complete list of identified artifacts used to conduct additional enrichment and threat analysis.
[1] https://exchange.xforce.ibmcloud.com/collection/mypressonline-cdda8dd2b6eb9e5ecdce687fd407cfa2