Worldwide Tailor-Made Massive Phishing Campaign

The worldwide phishing campaign came to light after an Imperva staff member was singled out and almost ensnared by a social engineering attack.

Imperva, situated in San Mateo, California, operates as a cybersecurity company. It specializes in offering protective solutions for corporate data and application software, ensuring that businesses are shielded from potential threats. 

It all began when the Imperva staff member tried to sell a car seat on Yad2, a website for used items. Someone posing as an interested buyer messaged him on WhatsApp, introduced a fake payment service styled to look like Yad2, and sent a link (hxxps://yad2[.]send-u[.]online/4765567942451).

The fake site had the Yad2 logo and an orange button to get paid. The target was then led to a payment page, which transmitted the credit card information to the fraudsters. The website also featured a customer support chat that enabled the individual to communicate with Yad2.

This expansive operation encompassed over 800 distinct fraudulent domains, taking on the guise of approximately 340 reputable global enterprises. Among these were prominent financial institutions, postal and courier services, and social media and e-commerce platforms. 

Renowned names like Facebook, Booking.com, and other frequently visited websites were among the imitated entities, all of which attract substantial user traffic. 
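The lure link quoted above places the brand name in a subdomain of a domain the brand does not own. A minimal check for that pattern follows as an added example, not code from Imperva's analysis; the `BRANDS` allow-list, the function names and all sample URLs except the one quoted in the article are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumption: brand token -> domains the brand really operates.
# A defender maintains this list; the entries here are illustrative.
BRANDS = {
    "yad2": {"yad2.co.il"},
    "facebook": {"facebook.com"},
    "booking": {"booking.com"},
}

def refang(url: str) -> str:
    """Undo common defanging (hxxp, [.]) so the URL can be parsed, not visited."""
    url = url.strip().replace("[.]", ".").replace("[:]", ":")
    if url.lower().startswith("hxxp"):
        url = "http" + url[4:]
    return url

def hostname(url: str) -> str:
    """Lower-cased hostname of a (possibly defanged) URL, or '' if absent."""
    host = urlsplit(refang(url)).hostname or ""
    return host.rstrip(".").lower()

def impersonated_brand(url: str, brands=BRANDS):
    """Return the brand whose name appears in the hostname of a URL that is
    not on one of that brand's own domains, else None.
    Limitation: exact token match only; typos and IDN homoglyphs are not covered."""
    host = hostname(url)
    if not host:
        return None
    # Split every DNS label on '-' so 'yad2-pay.example' also yields 'yad2'.
    tokens = {t for label in host.split(".") for t in label.split("-")}
    for brand, legit in brands.items():
        if brand not in tokens:
            continue
        owned = any(host == d or host.endswith("." + d) for d in legit)
        if not owned:
            return brand
    return None

if __name__ == "__main__":
    samples = [
        "hxxps://yad2[.]send-u[.]online/4765567942451",  # from the article
        "https://www.yad2.co.il/item/123",                # constructed, legitimate
        "https://booking.pay-secure.example/confirm",     # constructed lookalike
        "https://example.org/yad2-review",                # constructed, brand in path only
    ]
    for s in samples:
        print(f"{s} -> {impersonated_brand(s)}")
```

The brand name in the path of the last sample is ignored on purpose: only the hostname decides who controls the page.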

A campaign originating from Russian IP addresses has been detected, and it has been linked to around 800 distinct scam domains, all of which are outlined in the Indicators of Compromise (IOCs). The campaign's origins can be traced back to May 2022, and it continues to remain active, undergoing periodic updates. The comprehensive analysis uncovered phishing websites in over 48 languages, all engaged in the impersonation of more than 340 different companies. 

At its core, social engineering exploits human interaction as an attack vector. Its primary objective is to influence, manipulate, or deceive individuals into disclosing crucial information or granting entry to an organization.

This type of manipulation often capitalizes on people's willingness to help or their fear of potential repercussions. For instance, an attacker might assume the role of a coworker grappling with an immediate problem, seeking permission for additional network resources.