Re: Issue 46792712: Phishing attack at hxxps://barclay.ketoluke[.]com/

Hello,

We have discovered a phishing attack located on your network:

hxxp://barclay.ketoluke[.]com/ [80.85.242.50]
hxxps://www[.]barclay.ketoluke[.]com/lg.php?r [80.85.242.50]
hxxps://barclay.ketoluke[.]com/3.html? [80.85.242.50]
hxxps://barclay.ketoluke[.]com/final.html? [80.85.242.50]
hxxps://barclay.ketoluke[.]com/1.html [80.85.242.50]
hxxps://barclay.ketoluke[.]com/p/cc.html [80.85.242.50]
hxxps://barclay.ketoluke[.]com/2.html? [80.85.242.50]
hxxps://barclay.ketoluke[.]com/p/lg.html [80.85.242.50]
hxxps://barclay.ketoluke[.]com/ [80.85.242.50]

We previously contacted you about this issue on 2023-10-24 20:05:34 (UTC).
Since our last notification, the following additional URL(s) have been detected:

hxxp://barclay.ketoluke[.]com/
hxxps://barclay.ketoluke[.]com/1.html
hxxps://barclay.ketoluke[.]com/p/cc.html
hxxps://barclay.ketoluke[.]com/p/lg.html
hxxps://www[.]barclay.ketoluke[.]com/lg.php?r

This attack targets our customer, Barclays UK, website URL https://barclays.co.uk/.

Would it be possible to have the fraudulent content, and any other associated fraudulent content, taken down as soon as you are able to?

Additionally, please keep the fraudulent content safe so that our customer and law enforcement agencies can investigate this incident further once the site is offline.

More information about the detected issue is provided at https://incident.netcraft.com/0d864745a35b/

Many thanks,

Netcraft

Phone: +44(0)1225 447500
Fax: +44(0)1225 448600
Netcraft Issue Number: 46792712

To contact us about updates regarding this attack, please respond to this email. Please note: replies to this address will be logged, but aren't always read. If you believe you have received this email in error, or you require further support, please contact: takedown@netcraft.com.

This mail can be parsed with x-arf tools. Visit http://www.xarf.org/ for more information about x-arf