"The lures in this campaign used polished, enterprise-style HTML templates with structured layouts and preemptive authenticity statements, making them appear more credible than typical phishing emails and increasing their plausibility as legitimate internal communications."
"Because the messages contained accusations and repeated time-bound action prompts, the campaign created a sense of urgency and pressure to act."
"At the top of each message, a notice stated that the message had been 'issued through an authorized internal channel' and that links and attachments had been 'reviewed and approved for secure access,' reinforcing the email's purported legitimacy."
"The email messages used in the campaign employ lures related to code of conduct reviews, using display names like 'Internal Regulatory COC,' 'Workforce Communications,' and 'Team Conduct Report.'"
A credential theft campaign targeted more than 35,000 users across 13,000 organizations in 26 countries, primarily in the U.S. The campaign utilized polished HTML templates and urgency-inducing messages related to code of conduct reviews. Phishing emails were sent from legitimate services, featuring subject lines that suggested internal compliance issues. The emails included statements claiming authorization and security, enhancing their credibility. Key sectors affected included healthcare, financial services, and technology.
Read at The Hacker News
Unable to calculate read time
Collection
[
|
...
]