Phishing campaign targeting the .pl domain name registry

NASK's CSIRT team informs about a phishing campaign targeting the .pl domain name registry (dns.pl). Addressees receive an e-mail message informing them to confirm the email address associated with the domain name. The link directs to a page that phishes for login credentials from the user.

The following URL is used for the phishing scam: https://dns-pl[.]com/#sMnOlItPmNpP - this domain name has already been added to the list of CERT Polska warnings.

Regardless of the above, please be careful and do not click on links contained in such messages, because they do not come from the .pl domain registry.