This detection rule identifies potential phishing attempts targeting WordPress users by detecting messages that contain URLs leading to the WordPress login page (`/wp-login.php`) combined with links from Blogspot domains which mention the Binance cryptocurrency. The rule utilizes content analysis and URL analysis as its detection methods. Specifically, it looks for the embedded WordPress login link along with text patterns typical of scams involving Binance, characterized by references to monetary amounts in USD or Euro and prompts those to act on the fraudulent intent. The rule addresses threats classified under Credential Phishing and BEC/Fraud, employing social engineering tactics and brand impersonation techniques.