Hello, BitDefender is detecting this: http: // maillixcom.sitebr.net/novabb/index.php
https://www.virustotal.com/en/url/d5547997f0f3f4e935398c42b2213162c8d1143dbf581c4bb380004c6b606312/analysis/1421424179/

It’s clearly a phishing site of a known Brazilian bank.

I’ve PM’d Milo’s.

Lisandro just “google” for “sitebr.net/” and you see nothing but reds from Bitdefender’s TrafficLight.
The name of the game is Dark Tor Tor abuse for the ns server -ns1.t5.com.br & -ns2.t5.com.br,
see : http://darktor.com/whois_ip.cgi?ip=177.47.109.21
Distilled from this results: http://www.dnsinspect.com/sitebr.net/1421448739
There is more abuse going on than simple PHISHING and while on dark tor it is largely “out of sight”.

polonus (volunteer website security analyst and website error-hunter)

Thanks Polonus.
Time to Milos to jump here and help us, specially Brazilian who receive tons of phishing emails…

Yes, Milos is going to set some blocks.
He knows exactly how to tackle such situations.
Good Lisandro they have you there to report from “inside the trenches”.
And great I can then fill you in with some of the particulars,
like to do that for the good of all avast users.

Damian

Hi,
Thanks for the report!
I blocked hxxp://maillixcom.sitebr.net as well as the site it redirected to: hxxp://joomla.p122614.webspaceconfig.de/templates/beez5//images/Banco.do.Brasil.com.br/a6qw6et54auysfd5gh4s6dfb41s6d5h4j6sf5gi4gh654m16dfg54nhs6dh4ds6fg5h4d6f5gh4.html
Honza