Synopsis: The threat actors hidden their email phishing package anywhere. As common we know, email phishing scam foot print are wide in area. But the antivirus and malware solution vendor setup blacklist domain name and content filtering function has reduced the infection ratio of malware and ransomware. It looks that the similar of idea to hunting cyber victim still valid. In my observation, the attacker sometimes will be reuse their technique. This time they store the trap in social media web. Found that the scam activities which mimic Hong Kong Broadband luck draw online program activities is awaken again. I found similar activities on yesterday (16th Feb 2020). Even the VirusTotal repository has only one cybersecurity vendor detected a similar record type. In the sense that they can escape your defense solution.
For more detail, please refer to announcement by HKBN in past. https://www.hkbn.net/personal/dist/img/src/pdf/Warning-Against-Phishing-Website_en.pdf