Business Email Hosting Singtel – Get a custom @yourcompany.com email address today! Our business email supports seamless synchronization of your email across Microsoft Outlook, Thunderbird, Google Android, Apple iPhone and any device you want to receive email from!
Access our webmail from any browser to quickly and securely manage your email, calendar, notes and contacts.
Business Email Hosting Singtel
100 GB of storage space is a common space that you can share with all users as a starting point. You can easily upgrade and subscribe to more storage as you need more storage.
Press Release As Pdf
Yes! Unlike standard business email services like Microsoft 365 or Google Workspace, where businesses charge based on the number of users, our business email host only charges based on the storage space you need. You can add almost unlimited number of email users as you want!
Unfortunately not! Either way, we’re so confident you’ll love using our business email host that for your peace of mind, check out how we can give you a 30-day money-back guarantee!
If you need more advanced and sophisticated protection, consider our SpamZetta email security gateway as an add-on to protect your email!
For each email account, you can create any mailbox size from 5 GB to 50 GB per user. If you need a mailbox larger than 50 GB per user, please contact our technical support for assistance.
Singtel To Roll Out Nationwide Cellular Iot Network Next Month
If you want to attach an attachment to your email, the limit is 20 MB. It should be noted that not all mail servers allow receiving globally large attachments. Therefore, if you want to send any attachments larger than 20MB (almost unlimited), you can easily do so by uploading the file to File Storage within Workspace and then sharing the file from cloud storage.
We will attempt to transfer your hosting account to you within ONE business day after your payment has been confirmed.
IMAP vs. POP: Which is better for email? This may be a question when setting up an email address in your email…
This article shares a common email server problem that occurred on our own server or email recipient…In 2022, the threat actors masqueraded as Singapore Post (SingPost) postal service and Singtel, one of Singapore’s leading telecommunications companies. . Victims are targeted by phishing emails from Singapore Post or Singtel.
Frequently Asked Questions
These emails sent users fake billing issues or unpaid bills with links to fake websites asking for their personal information. According to The Straits Times, as of November 2022, at least 85 people have lost $237,000 to these scams.
Although these scams have been widely reported by many publications, including The Independent, the threat actors and their methods have not been publicly investigated. In this blog, I share my discoveries and ways to protect yourself or your business from phishing attacks.
Most phishing campaigns impersonating Singapore Post use specific phishing domains. By examining newly registered domains containing target words such as “singapore”, “singpost” or “sgp”, I was able to identify infrastructure and additional phishing domains. As part of this pivot, I found common words like “update”, “track” and “post” that are also used in other domains.
The first campaign appeared in mid-October and was hosted on Singaporean ISP Nexus Bytes at IP 139.64.239[.]108. Since then, new domains using words similar to “singpost” have been added regularly.
Singtel Stuffs A 5g Network In A Suitcase Sized Box
For this campaign, users will be presented with a landing page claiming that the delivery of the package has been interrupted. They will then be asked to enter their name, full address and telephone number. Once submitted, the victim is taken to a second page that asks them to share their credit card details.
The interesting thing about this particular phishing site is that all the data collection code is embedded in Javascript, where I found a variable called “webpackChunkaupost”. I believe the phishing package may also target Australia Post. WebpackChunk refers to the code chunking feature of the nodeJS Library Webpack; aupost would be Australia Post. This multi-target behavior is seen in some phishing actors who simultaneously target other national postal services such as the United States Postal Service (USPS) and Australia Post.
Screenshots of a phishing website pretending to be Singapore Post show package delivery being interrupted and prompting users to share their credit card details.
A second campaign targeting Singapore Post is located at IP 109.206.241[.]143 hosted by US-based Delis LLC. Phishing websites have been hosted on this IP address since August 2022, new ones are being added since November 2022. In total, more than 120 phishing domains are located on this address, and based on the collected information, Australia Post is also created. targeted by this particular threat actor.
Business Email Hosting
One of the interesting aspects of this campaign is the anti-analytical technology used. Each phishing link is of the form %phishing_domain%/e/authID=%random_letters%/, random letters unique to each phishing site. An error message is returned by the phishing site without a valid authenticator, which prevents phishing sites from being analyzed even if there is no valid link.
The third campaign is based on a single phishing website targeting Singapore Post, German DKB Bank and German Post Bank. The purpose of the site is to trick victims into entering credit card information.
The first landing page asks for shipping costs. But when the user enters the credit card details, after a short loading animation, a page appears asking for a one-time password (OTP). Since the phone number is never entered, the victim will not receive the SMS and any value passed to the OTP code field will return an invalid code error.
An interesting feature of this promotion is that they have a single website where newly registered domains are redirected. This is different from what we usually find, where individual phishing sites stand independently of each other. All redirect sites shown are located in Linode LLC’s data center in Australia at 172.106.177[.]48.
Download Singtel Software Defined Core
It is not clear why the attackers designed the campaign this way. I guess they think the landing site is a shared web resource on the host, so it’s unlikely to be blocked by automated systems. Currently, only a fraction of anti-phishing systems classify this phishing site as malicious, even though it has been active for a while. Newly registered domains bypass any scanners or filters that may have blocked old domains.
Domains that redirect to a phishing site act as a filter. Only “genuine” requests, that is, requests that contain the correct URL of the phishing website, are redirected to the malicious URL. All other requests are directed to a legitimate domain such as Google or a bank website. This can slow campaign discovery and analysis.
Screenshots of a phishing page pretending to be Singapore Post, prompting users to enter credit card details and asking for an OTP that doesn’t exist.
Unlike Singapore Post phishing sites that use newly registered domains, the currently active Singtel phishing campaigns use hacked WordPress domains. Similar to real Singtel websites, the fake login page has tabs for OnePass, the company’s customer login system, and the Singpass mobile app. However, the fake site doesn’t seem to be able to generate the correct QR code, which is the fastest way for customers to log in. Instead, an error message appears suggesting that the user use “other methods” to log in, specifically the login page. When users enter their login information, they are presented with a second page that asks for their credit or debit card information. After the card information is sent, even if you are logged in with an email address, a non-working SMS confirmation dialog will appear.
Lee Chiang Toh
Screenshots of a phishing website pretending to be Singtel, asking users to enter their login and credit card details.
Phishing is one of the most common and effective cyber attacks carried out by fraudsters. Mainly because it’s cheap to make. Any attacker can purchase ready-made kits from the Dark Web. Even if only a small percentage of users fall for the scam, the campaign can be very profitable for the attacker.
Phishing websites may look legitimate, but users should be vigilant to avoid identity theft. Neither Singapore Post nor Singtel will ever ask for your credit card or bank details via email. You should always visit the provider’s official website before logging in instead of clicking on links from untrusted sources such as email and SMS.
*** This is a syndicated blog for the Security Bloggers Network from Lookout Blogs, written by Lookout Blogs. Read the original post: https://resources2.lookout.com/blog/singapore-post-singtel-phishing
Delivering Unified Security For Improved Visibility In The Era Of 5g
Analycts & IntelleGencenceccacaticatice Security SecuritercrkerAwardcateAcateAcationcationcationcationcationcationcationcationcationcationcationcationcationcationcationcationcationcationcationcationcationcationcationsement (original) security operations inappropriate service
Analytics & IntelligenceAPI SecurityApplication SecurityCISO SuiteCloud SecurityCloud SecurityCyberLawCyberSecurityData SecurityEditorial Calendar TopicGovernance, Risk & ComplianceHumorIdentity & AccessIdentity and Access ManagementIncident ResponseIndustry SpotlightMost Read This WeekNetwork SecuritySecurity Software
Best business email hosting, email hosting for small business, singtel business email, email hosting for business, website and email hosting for small business, singtel business email login, singtel email, small business email hosting, business email hosting services, business email hosting, best email hosting service for small business, free business email hosting
