Xiaomi Phishing Attempt - Red Flags You Can't Afford to Ignore

Cofense Phishing Defense Center uncovered a credential-harvesting phishing campaign targeting Xiaomi users: victims receive emails about a "new certification" that link to a spoofed Xiaomi login page (hXXps://www.amolikhousing.co.in/XIAOMI/, IP 43.225.54.162). The landing page closely mimics Xiaomi’s portal to capture credentials without using malware; the report includes an email sample, phishing page details, IOCs, and emphasizes the need for human-led detection and user awareness.