16 min read

The Compact Campaign

By WMC Global Threat Intelligence Team on 3/4/21 12:27 PM


Phishing campaigns continue to utilize the disruption of the pandemic to target victims, and a new campaign takes advantage of Zoom's rising popularity. Since December, the "Compact" Campaign has been targeting thousands of users by impersonating a Zoom invite and is estimated to have collected over 400,000 Outlook Web Access and Office 365 credentials. This campaign is unique in its use of trusted domains to ensure delivery of phishing emails and preventing phishing pages from being blocked. This is especially worrisome for organizations who will struggle to defend against this attack.

Topics: Phishing Phishing Kit Data Exfiltration Microsoft Office 365 Zoom
6 min read

Phishing Exfiltration Method: Email

By WMC Global Threat Intelligence Team on 11/13/20 10:06 AM

Phishing attacks have been on the rise in recent years, and 2020 in particular has seen a stark increase in phishing incidents since the start of the pandemic in January[i]. Tech companies and banks are the most commonly impersonated companies in phishing scams, which steal their victims credentials and other sensitive data and send them to the scammer[ii]. 

Topics: Kit Analysis Phishing Phishing Kit Data Exfiltration Cryptocurrency Blockchain Credentials Shadow Z118 Paypal
7 min read

Phishing Kit Exfiltration Methods

By WMC Global Threat Intelligence Team on 8/19/20 9:05 AM

At WMC Global, we analyze hundreds of phishing kits every week, which use a range of lures to steal credentials from victims, and we examine the exfiltration mechanisms used by threat actors to harvest stolen credentials from victims. The majority of phishing kits use a simple email exfiltration method to send victims’ data—compromised credentials—to a mailbox owned by the threat actor; the second most common method of exfiltration was writing the stolen data to a file stored on the website host. Though there are many exfiltration methods available to threat actors, our analysis found email and file write exfiltration to be amongst the most common.

Topics: Phishing Phishing Kit Data Exfiltration